ID CVE-2000-0423
Type cve
Reporter NVD
Modified 2016-10-17T22:07:00
Description
Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag.
{"id": "CVE-2000-0423", "bulletinFamily": "NVD", "title": "CVE-2000-0423", "description": "Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag.", "published": "2000-05-05T00:00:00", "modified": "2016-10-17T22:07:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0423", "reporter": "NVD", "references": ["http://www.securityfocus.com/bid/1172", "http://marc.info/?l=bugtraq&m=95764950403250&w=2"], "cvelist": ["CVE-2000-0423"], "type": "cve", "lastseen": "2017-04-18T15:49:23", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:netwin:dnews:5.3"], "cvelist": ["CVE-2000-0423"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag.", "edition": 1, "hash": "57c2aaf7698a49e11d33793a0cbcb1a3e51fb1c3c0a19ca837798a67efb3ddc1", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "e6b27b46a37a5fc27a7b67eaf51354f2", "key": "cpe"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "c2ef508d579a0bbcf5914387169665e5", "key": "description"}, {"hash": "cfbc2b2f840c2a5b9296caed2986874d", "key": "cvelist"}, {"hash": "756029500f7b5b094c1e4e9b13539d31", "key": "references"}, {"hash": "2dd67a01786e29aa688d954b0051a0a0", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6138bdc3f0594c60cd38ba0b4d273035", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "eb09104ec484070d1f2b419d5ce9e93b", "key": "published"}, {"hash": "1b5fd7342f262d0d69c065a699985d4f", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0423", "id": "CVE-2000-0423", "lastseen": "2016-09-03T02:38:50", "modified": "2008-09-10T15:04:37", "objectVersion": "1.2", "published": "2000-05-05T00:00:00", "references": ["http://marc.theaimsgroup.com/?l=bugtraq&m=95764950403250&w=2", "http://www.securityfocus.com/bid/1172"], "reporter": "NVD", "scanner": [], "title": "CVE-2000-0423", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T02:38:50"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "e6b27b46a37a5fc27a7b67eaf51354f2"}, {"key": "cvelist", "hash": "cfbc2b2f840c2a5b9296caed2986874d"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "c2ef508d579a0bbcf5914387169665e5"}, {"key": "href", "hash": "2dd67a01786e29aa688d954b0051a0a0"}, {"key": "modified", "hash": "54a87c88a35a1884e2e912dbea82fd51"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "eb09104ec484070d1f2b419d5ce9e93b"}, {"key": "references", "hash": "22047ba76df16909c3bcaa473c025e47"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "1b5fd7342f262d0d69c065a699985d4f"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "1464742b7d766cc1481cfeec681a79d23c10fd10c4bc1050fcea75ce5d55190e", "viewCount": 0, "objectVersion": "1.2", "cpe": ["cpe:/a:netwin:dnews:5.3"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": [], "enchantments": {"vulnersScore": 5.8}}
{"result": {"osvdb": [{"id": "OSVDB:13683", "type": "osvdb", "title": "Netwin DNews News Server DNEWSWEB QUERY_STRING Overflow", "description": "# No description provided by the source\n\n## References:\nOther Advisory URL: http://www.atstake.com/research/advisories/2000/advdnw.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-05/0070.html\nISS X-Force ID: 4421\n[CVE-2000-0423](https://vulners.com/cve/CVE-2000-0423)\nBugtraq ID: 1172\n", "published": "2000-05-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:13683", "cvelist": ["CVE-2000-0423"], "lastseen": "2017-04-28T13:20:09"}], "exploitdb": [{"id": "EDB-ID:19895", "type": "exploitdb", "title": "NetWin DNews 5.3 Server Buffer Overflow Vulnerability", "description": "NetWin DNews 5.3 Server Buffer Overflow Vulnerability. CVE-2000-0423. Remote exploit for windows platform", "published": "2000-03-01T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/19895/", "cvelist": ["CVE-2000-0423"], "lastseen": "2016-02-02T12:59:42"}], "nessus": [{"id": "DANGEROUS_CGIS.NASL", "type": "nessus", "title": "Multiple Dangerous CGI Script Detection", "description": "It is possible that the remote web server contains one or more dangerous CGI scripts. \n\nNote that this plugin does not actually test for the underlying flaws but instead only searches for scripts with the same name as those with known vulnerabilities.", "published": "2003-06-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=11748", "cvelist": ["CVE-2000-0923", "CVE-2002-0955", "CVE-2001-0022", "CVE-2001-0135", "CVE-2000-0423", "CVE-2001-0180", "CVE-2001-0100", "CVE-2001-0023", "CVE-2001-1343", "CVE-2002-0750", "CVE-2000-1023", "CVE-2001-0099", "CVE-2000-0288", "CVE-2003-0153", "CVE-1999-1377", "CVE-1999-1374", "CVE-1999-0935", "CVE-2001-1212", "CVE-2001-1196", "CVE-1999-0937", "CVE-2001-0420", "CVE-2000-0526", "CVE-2001-0123", "CVE-2001-0133", "CVE-2001-1205", "CVE-2000-1131", "CVE-2002-1526", "CVE-2001-1283", "CVE-2002-0749", "CVE-2000-0977", "CVE-1999-1072", "CVE-2002-1334", "CVE-2002-1334", "CVE-2002-0346", "CVE-2002-0203", "CVE-2000-0952", "CVE-2000-1132", "CVE-1999-0934", "CVE-2001-1100", "CVE-2002-0611", "CVE-2002-0752", "CVE-2002-0263", "CVE-2002-0710", "CVE-2001-0562", "CVE-2002-0917", "CVE-2002-0751", "CVE-2002-0230", "CVE-2001-0076"], "lastseen": "2017-02-21T19:03:36"}], "openvas": [{"id": "OPENVAS:136141256231011748", "type": "openvas", "title": "Various dangerous cgi scripts", "description": "Some of the following dangerous CGIs were found.\n\n By default this script only checks for this CGIs within the /cgi-bin directory. You can change\n this behavior with the script preference to check all detected CGI directories.", "published": "2005-11-03T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231011748", "cvelist": ["CVE-2000-0923", "CVE-2002-0955", "CVE-2001-0022", "CVE-2001-0135", "CVE-2000-0423", "CVE-2001-0180", "CVE-2001-0100", "CVE-2001-0023", "CVE-2001-1343", "CVE-2000-1023", "CVE-2001-0099", "CVE-2000-0288", "CVE-2003-0153", "CVE-1999-1377", "CVE-2004-0734", "CVE-1999-1374", "CVE-2004-0251", "CVE-1999-0935", "CVE-2001-1212", "CVE-2001-1196", "CVE-1999-0936", "CVE-1999-0937", "CVE-2001-0420", "CVE-2000-0526", "CVE-2001-0123", "CVE-2004-0665", "CVE-2001-0133", "CVE-2001-1205", "CVE-2000-1131", "CVE-2002-1526", "CVE-2001-1283", "CVE-2002-0749", "CVE-2000-0977", "CVE-1999-1072", "CVE-2002-1334", "CVE-2002-0346", "CVE-2002-0203", "CVE-2000-0952", "CVE-2000-1132", "CVE-1999-0934", "CVE-2001-1100", "CVE-2002-0611", "CVE-2002-0263", "CVE-2002-0710", "CVE-2001-0562", "CVE-2002-0917", "CVE-2002-0230", "CVE-2004-0696", "CVE-2001-0076"], "lastseen": "2017-07-02T21:10:05"}]}}