Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Web Server/CGI)  >   BadBlue Web Server Vendors:   Working Resources (BadBlue)
BadBlue's Windows-Based Web Server Can Be Crashed Via the Network and May Display Full Path Names
SecurityTracker Alert ID:  1000945
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Feb 17 2001
Original Entry Date:  Feb 17 2001
Impact:   Denial of service via network, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): BadBlue 1.02.07 Personal Edition and possibly others with the same version number
Description:   The BadBlue web server for Windows reportedly contains two vulnerabilities. By remotely providing the web server's "ext.dll" file with improper data, you can 1) obtain the full path of the web server, and 2) crash the web server.

The BadBlue web server reportedly serves files through a library called ext.dll. A typical request might be:

If data following the "ext.dll" in a request is ommitted, the server will return an error which discloses the path of the server on the host. In addition, by supplying data of 284 bytes or greater following the "ext.dll", the BadBlue web server can be made to crash.

Impact:   An attacker can remotely determine the full path of the web server and can cause the web server to crash.
Solution:   The vendor has fixed the problem in a new release: BadBlue version 1.02.8.
Vendor URL: (Links to External Site)
Cause:   Exception handling error, Input validation error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  FW: BadBlue Web Server Ext.dll Vulnerabilities

-----Original Message-----
From: SNS Research []
Sent: Saturday, February 17, 2001 2:19 AM
Subject: BadBlue Web Server Ext.dll Vulnerabilities

Strumpf Noir Society Advisories
! Public release !

-= BadBlue Web Server Ext.dll Vulnerabilities =-

Release date: Saturday, February 17, 2001


BadBlue is a (MS Windows-based) web server intended for a wide range of
applications, from providing file sharing possibilities to an
application development and deployment environment. It includes
full-featured support of tools like CGI, ISAPI and PHP.

BadBlue can be found on at vendor Working Resources Inc.'s website:


The BadBlue web server serves files through a library called ext.dll.
A typical request to the server would be build up through a request to
this file together with a string containing the actual command data like

Some ways have been found to manipulate the server by playing with this
string. By omitting the data following ext.dll in above mentioned
request, the server will return an error which discloses information
regarding the path where it is running on the machine. What's more, by
substituting this data for a string of 284 bytes or more, the BadBlue
web server will die.

Directory disclosure example:


will result in:

[Error: opening c:\program files\badblue\pe\default.htx (2)]

Denial-of-service example:

http://server/ext.dll?aaaaa(x 248 bytes)

will cause the server to die.



Working Resources Inc. has made BadBlue version 1.02.8 availble from its
website, which adresses these problems.

This was tested against BadBlue 1.02.07 Personal Edition. After
contacting the vendor it is our understanding that the other members of
the BadBlue product suite are based on the same code base and are
vulnerable as well. Users are encouraged to upgrade.


Free sk8! (

SNS Research is rfpolicy (
compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!

** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, LLC