BadBlue web server versions 2.2 and below have a vulnerability that allows remote attackers to gain administrative control of a server. The engine attempts to restrict access to non-html files by requiring that 'ht' be the first letters of the target file's extension, and also requiring that requests to access '.hts' files are submitted by 127.0.0.1 and contain a proper 'Referer' header. This security feature is accomplished with a simple binary replace of the first two characters of the file extension. The two security checks are performed in an incorrect order, meaning that the first security check can inadvertently bypass the latter.
f852c3fef86aa05736d86e2685e0f3081337c1845300cb0286f034f7f66f44f0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed