CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-0696

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.082

EPSS Ranking 91.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://archives.neohapsis.com/archives/sun/2000-q3/0001.html
http://seclists.org/bugtraq/2000/Aug/0105.html
http://www.s21sec.com/en/avisos/s21sec-004-en.txt
http://www.securityfocus.com/bid/1554
https://exchange.xforce.ibmcloud.com/vulnerabilities/5069
http://archives.neohapsis.com/archives/sun/2000-q3/0001.html
http://seclists.org/bugtraq/2000/Aug/0105.html
http://www.s21sec.com/en/avisos/s21sec-004-en.txt
http://www.securityfocus.com/bid/1554
https://exchange.xforce.ibmcloud.com/vulnerabilities/5069

Products affected by CVE-2000-0696

Sun » Solaris Answerbook2 » Version: 1.3

cpe:2.3:a:sun:solaris_answerbook2:1.3
Sun » Solaris Answerbook2 » Version: 1.4

cpe:2.3:a:sun:solaris_answerbook2:1.4
Sun » Solaris Answerbook2 » Version: 1.4.1

cpe:2.3:a:sun:solaris_answerbook2:1.4.1
Sun » Solaris Answerbook2 » Version: 1.4.2

cpe:2.3:a:sun:solaris_answerbook2:1.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0696

Products

Pricing

Contact Us