Lucene search

[email protected]CVE-2000-0622

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2000-0622

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0622

buffer overflow

webfind cgi program

remote attack

o'reilly website professional.

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.1%

JSON

Buffer overflow in Webfind CGI program in O’Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long “keywords” parameter.

Affected configurations

NVD

Node

oreillywebsite_professionalMatch2.3.18

oreillywebsite_professionalMatch2.4

oreillywebsite_professionalMatch2.4.9

CPENameOperatorVersion
oreilly:website_professionaloreilly website professionaleq2.3.18
oreilly:website_professionaloreilly website professionaleq2.4
oreilly:website_professionaloreilly website professionaleq2.4.9

CPE	Name	Operator	Version
oreilly:website_professional	oreilly website professional	eq	2.3.18
oreilly:website_professional	oreilly website professional	eq	2.4
oreilly:website_professional	oreilly website professional	eq	2.4.9

References

website.oreilly.com/support/software/wspro25_releasenotes.txt

www.nai.com/research/covert/advisories/043.asp

www.securityfocus.com/bid/1487

exchange.xforce.ibmcloud.com/vulnerabilities/4962

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.1%

JSON

Related for CVE-2000-0622

nessus1 cvelist1 nvd1