The BadBlue peer-to-peer (P2P) file-sharing web server from Working Resources Inc. allows users to share files with remote users. BadBlue Enterprise and Personal Edition Version 1.7.3 contain file disclosure and password vulnerabilities that enable a remote attacker to gain access to any passwords for secured resources or user accounts.
The file disclosure vulnerability can be exploited by sending a malformed version of the HTTP-escaped null byte. The attacker can append .%00.txt to the file name and force BadBlue to return the source code of the requested file. This can be used to read the contents of ext.ini, BadBlue's configuration file, which stores Access Control Lists, users, and passwords.
The password vulnerability exists as a result of the way the passwords are stored in the ext.ini file. A local attacker can view the configuration file and see any passwords for secured resources or user accounts. BadBlue stores the passwords without encryption, enabling easy access to them. Combined with the file disclosure vulnerability, a remote attacker can gain access to these passwords and use them for future attacks.
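The following detection logic is an added example and is not part of the advisory or of BadBlue itself: it scans constructed Common Log Format access-log lines for the .%00.txt style request described above (decoding repeatedly so a double-encoded %2500 is also caught) and for requests that touch ext.ini. The log lines, client addresses and timestamps are all made up for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Oct/2003:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512
10.0.0.9 - - [10/Oct/2003:13:56:01 +0000] "GET /ext.ini.%00.txt HTTP/1.1" 200 1440
10.0.0.9 - - [10/Oct/2003:13:56:07 +0000] "GET /docs/report.doc.%00.txt HTTP/1.1" 200 8192
10.0.0.9 - - [10/Oct/2003:13:57:00 +0000] "GET /ext.ini HTTP/1.1" 403 0
10.0.0.12 - - [10/Oct/2003:13:58:12 +0000] "GET /share/notes%2500.txt HTTP/1.1" 404 0
"""

# client, timestamp, method, path, status from a CLF request line
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def decode_fully(path, max_rounds=3):
    """URL-decode repeatedly (bounded) so double-encoded sequences like %2500 are caught."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def classify_request(raw_path):
    """Return a list of findings for one request path; an empty list means nothing suspicious."""
    findings = []
    decoded = decode_fully(raw_path)
    if "\x00" in decoded:
        findings.append("embedded-null-byte")
    # The advisory's pattern: a null byte followed by a harmless-looking extension.
    if re.search(r"\x00\.\w+$", decoded):
        findings.append("null-byte-extension-bypass")
    # Any request for the configuration file is worth an alert on its own.
    if "ext.ini" in decoded.lower():
        findings.append("config-file-request")
    return findings


def scan_log(text):
    """Parse CLF lines and return (client, path, status, findings) for flagged requests only."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, _ts, _method, path, status = m.groups()
        findings = classify_request(path)
        if findings:
            hits.append((client, path, int(status), findings))
    return hits
```

A 200 status on a flagged request is the case to triage first, since it indicates the server actually returned the file contents.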
Patches are unavailable.