7 lines
No EOL
487 B
Text
7 lines
No EOL
487 B
Text
source: https://www.securityfocus.com/bid/5226/info
|
|
|
|
BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems.
|
|
|
|
It has been discovered that a request passed to a BadBlue server containing a null byte at the end of a file name will return the contents of the file. This type of request can be applied to gain access to sensitive information, such as the BadBlue configuration file.
|
|
|
|
GET /ext.ini.% 00.txt HTTP/1.0 |