Vulnerability Details CVE-2000-0639
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
- http://www.osvdb.org/1472
- http://www.securityfocus.com/bid/1494
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5103
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
- http://www.osvdb.org/1472
- http://www.securityfocus.com/bid/1494
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5103
Products affected by CVE-2000-0639
-
cpe:2.3:a:sean_macguire:big_brother:1.0
-
cpe:2.3:a:sean_macguire:big_brother:1.09b
-
cpe:2.3:a:sean_macguire:big_brother:1.09c
-
cpe:2.3:a:sean_macguire:big_brother:1.09d
-
cpe:2.3:a:sean_macguire:big_brother:1.1
-
cpe:2.3:a:sean_macguire:big_brother:1.2
-
cpe:2.3:a:sean_macguire:big_brother:1.3
-
cpe:2.3:a:sean_macguire:big_brother:1.3b
-
cpe:2.3:a:sean_macguire:big_brother:1.4
-
cpe:2.3:a:sean_macguire:big_brother:1.4g
-
cpe:2.3:a:sean_macguire:big_brother:1.4h
-
cpe:2.3:a:sean_macguire:big_brother:1.4h1