Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » BadBlue Web Server v1.7.0 Directory Contents Disclosure

BadBlue Web Server v1.7.0 Directory Contents Disclosure

by Nikola Strahija on June 3rd, 2002 BadBlue is a well known small-scale web server for sharing files with remote users. The server, by default, will not let a user view the contents of a directory. By appending the unicode variant of "%" (hex 25) it will cause the web server to display the contents of the current directory.


Vendor Status::
^^^^^^^^^^^^^^^^^
Vendor has been contacted and has produced a fix.


Workaround::
^^^^^^^^^^^^^^
Vendor has produced a patch.


Product Fix:
^^^^^^^^^^^^^
Version: BadBlue Personal Edition v1.7.1 May 28, 2002


Windows 95 and NT 4
http://www.badblue.com/bb95.exe


Windows 95, ME, 2000, XP
http://www.badblue.com/bb98.exe
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
p0p t4rtz
[email protected]


Bit
[email protected]



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »