Lucene search

[email protected]CVE-2002-0599

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0599

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0599

blahz-dns

remote attackers

authentication bypass

cgi

configuration modification

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.301 Low

EPSS

Percentile

97.0%

JSON

Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.

Affected configurations

NVD

Node

blahz-dnsblahz-dnsMatch0.2

CPENameOperatorVersion
blahz-dns:blahz-dnsblahz-dnseq0.2

CPE	Name	Operator	Version
blahz-dns:blahz-dns	blahz-dns	eq	0.2

References

archives.neohapsis.com/archives/bugtraq/2002-04/0395.html

sourceforge.net/project/shownotes.php?release_id=87004

www.iss.net/security_center/static/8951.php

www.osvdb.org/5178

www.securityfocus.com/bid/4618

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.301 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2002-0599

nvd1 cert1 cvelist1