Intrusion Prevention

BadBlue.MFCISAPICommand.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in BadBlue. BadBlue is a free personal file-sharing Web server developed by Working Resources Inc.
The vulnerability is due to a boundary error in "ext.dll" when processing HTTP requests. This can be exploited to cause a buffer overflow by supplying a specially crafted HTTP request with an overly long "mfcisapicommand" parameter.

Affected Products

Working Resources Inc. BadBlue 2.55.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Upgrade to Working Resources Inc. BadBlue 2.61 or newer.

CVE References

CVE-2005-0595