BadBlue Invalid Null Byte Vulnerability Network Vulnerability

Summary

It was possible to read the content of /EXT.INI (BadBlue configuration file) by sending an invalid GET request. A cracker may exploit this vulnerability to steal the passwords.

Solution

upgrade your software or protect it with a filtering reverse proxy

Severity

Classification

CVE CVE-2002-1021

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)
Check for dangerous IIS default files
Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
CUPS Information Disclosure Vulnerability
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability

BadBlue invalid null byte vulnerability

Take action and discover your vulnerabilities