Lucene search

[email protected]CVE-2000-0639

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0639

2000-10-1304:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0639

information security

remote attack

cgi script

web server

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.7%

JSON

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.

Affected configurations

NVD

Node

sean_macguirebig_brotherMatch1.0

sean_macguirebig_brotherMatch1.1

sean_macguirebig_brotherMatch1.2

sean_macguirebig_brotherMatch1.3

sean_macguirebig_brotherMatch1.3b

sean_macguirebig_brotherMatch1.4

sean_macguirebig_brotherMatch1.4g

sean_macguirebig_brotherMatch1.4h

sean_macguirebig_brotherMatch1.4h1

sean_macguirebig_brotherMatch1.09b

sean_macguirebig_brotherMatch1.09c

sean_macguirebig_brotherMatch1.09d

CPENameOperatorVersion
sean_macguire:big_brothersean macguire big brothereq1.0
sean_macguire:big_brothersean macguire big brothereq1.1
sean_macguire:big_brothersean macguire big brothereq1.2
sean_macguire:big_brothersean macguire big brothereq1.3
sean_macguire:big_brothersean macguire big brothereq1.3b
sean_macguire:big_brothersean macguire big brothereq1.4
sean_macguire:big_brothersean macguire big brothereq1.4g
sean_macguire:big_brothersean macguire big brothereq1.4h
sean_macguire:big_brothersean macguire big brothereq1.4h1
sean_macguire:big_brothersean macguire big brothereq1.09b

CPE	Name	Operator	Version
sean_macguire:big_brother	sean macguire big brother	eq	1.0
sean_macguire:big_brother	sean macguire big brother	eq	1.1
sean_macguire:big_brother	sean macguire big brother	eq	1.2
sean_macguire:big_brother	sean macguire big brother	eq	1.3
sean_macguire:big_brother	sean macguire big brother	eq	1.3b
sean_macguire:big_brother	sean macguire big brother	eq	1.4
sean_macguire:big_brother	sean macguire big brother	eq	1.4g
sean_macguire:big_brother	sean macguire big brother	eq	1.4h
sean_macguire:big_brother	sean macguire big brother	eq	1.4h1
sean_macguire:big_brother	sean macguire big brother	eq	1.09b

Rows per page:

1-10 of 121

References

archives.neohapsis.com/archives/bugtraq/2000-07/0171.html

www.osvdb.org/1472

www.securityfocus.com/bid/1494

exchange.xforce.ibmcloud.com/vulnerabilities/5103

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.7%

JSON

Related for CVE-2000-0639

cvelist1 nvd1