source: http://www.securityfocus.com/bid/7638/info BadBlue is prone to a vulnerability that could allow remote attackers to gain unauthorized access to administrative functions. It is possible to bypass BadBlue security checks when '.hts' files are requested by a remote user. BadBlue restricts access to non-HTML files by replacing the first two letters in the file extension of a requested resource with 'ht'. If the third character of a file extension is 's', then it is possible to trick BadBlue into serving a non-HTML file with an extension of '.hts'. This will bypass other security checks which would normally prevent BadBlue from serving these files to remote users. http://www.example.com/ext.dll?mfcisapicommand=loadpage&page=admin.ats&a0=add&a1=root&a2=%5C This example will reveal the contents of the server's primary volume.
Related ExploitsTrying to match CVEs (1): CVE-2003-0332
Trying to match OSVDBs (1): 8614
Other Possible E-DB Search Terms: Working Resources BadBlue 1.7.x/2.x, Working Resources BadBlue 1.7.x, Working Resources BadBlue