Vulnerabilities > CVE-2005-0595 - Remote Buffer Overflow vulnerability in Working Resources Inc. Badblue 2.55

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
working-resources-inc
nessus
exploit available
metasploit
NVD
Published: 2005-05-02
Updated: 2017-07-12

Summary

Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.

Vulnerable Configurations

Part Description Count
Application
Working_Resources_Inc.
1

Exploit-Db

  • descriptionBadBlue 2.5 EXT.dll Buffer Overflow. CVE-2005-0595. Remote exploit for windows platform
    idEDB-ID:16761
    last seen2016-02-02
    modified2010-07-07
    published2010-07-07
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16761/
    titleBadBlue 2.5 EXT.dll Buffer Overflow
  • descriptionBadBlue 2.5 Easy File Sharing Remote Buffer Overflow. CVE-2005-0595. Remote exploit for windows platform
    idEDB-ID:845
    last seen2016-01-31
    modified2005-02-27
    published2005-02-27
    reporterclass101
    sourcehttps://www.exploit-db.com/download/845/
    titleBadBlue 2.5 Easy File Sharing Remote Buffer Overflow

Metasploit

descriptionThis is a stack buffer overflow exploit for BadBlue version 2.5.
idMSF:EXPLOIT/WINDOWS/HTTP/BADBLUE_EXT_OVERFLOW
last seen2020-05-23
modified2017-07-24
published2006-12-23
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0595
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/badblue_ext_overflow.rb
titleBadBlue 2.5 EXT.dll Buffer Overflow

Nessus

NASL familyWeb Servers
NASL idBADBLUE_EXTDLL.DOS.NASL
descriptionThe remote host is running a version of BadBlue HTTP server that has a buffer overflow vulnerability in
last seen2020-06-01
modified2020-06-02
plugin id17241
published2005-03-01
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/17241
titleBadBlue ext.dll mfcisapicommand Parameter Remote Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83022/badblue_ext_overflow.rb.txt
idPACKETSTORM:83022
last seen2016-12-05
published2009-11-26
reporteracaro
sourcehttps://packetstormsecurity.com/files/83022/BadBlue-2.5-EXT.dll-Buffer-Overflow.html
titleBadBlue 2.5 EXT.dll Buffer Overflow

References