- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22620
- Проверка EDB
-
- Пройдено
- Автор
- MATTMURPHY
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2003-0332
- Дата публикации
- 2003-05-20
Код:
source: https://www.securityfocus.com/bid/7638/info
BadBlue is prone to a vulnerability that could allow remote attackers to gain unauthorized access to administrative functions.
It is possible to bypass BadBlue security checks when '.hts' files are requested by a remote user. BadBlue restricts access to non-HTML files by replacing the first two letters in the file extension of a requested resource with 'ht'. If the third character of a file extension is 's', then it is possible to trick BadBlue into serving a non-HTML file with an extension of '.hts'. This will bypass other security checks which would normally prevent BadBlue from serving these files to remote users.
http://www.example.com/ext.dll?mfcisapicommand=loadpage&page=admin.ats&a0=add&a1=root&a2=%5C
This example will reveal the contents of the server's primary volume.- Источник
- www.exploit-db.com
