Quest Big Brother Remote File Overwrite

Added: 06/14/2011
BID: 47805
OSVDB: 72347


Quest Big Brother is server monitoring package.


The 'bbntd.exe' service of the Big Brother server version 4.40 and prior does not properly sanitize user requests and may allow an attacker to upload files using a directory traversal vulnerability.


At this time no patch is available. Restrict access to TCP port 1984 of the Big Brother service to trusted servers only.



This exploit has been tested against Quest Software Big Brother Professional Edition Windows Server 4.4 on Windows Server 2003 SP2 English (DEP OptOut). The exploit will leave the following file on the system C:\docume~1\alluse~1\startm~1\programs\startup\exploit.js. This file should be manually removed after successful exploitation. Exploitation will not occur until after the server has been rebooted and an admin logs in.



Back to exploit index