CVE-2000-0696

Опубликовано: 20 окт. 2000

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.

Ссылки

http://archives.neohapsis.com/archives/sun/2000-q3/0001.html
Patch
Vendor Advisory
http://seclists.org/bugtraq/2000/Aug/0105.html
http://www.s21sec.com/en/avisos/s21sec-004-en.txt
http://www.securityfocus.com/bid/1554
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5069
http://archives.neohapsis.com/archives/sun/2000-q3/0001.html
Patch
Vendor Advisory
http://seclists.org/bugtraq/2000/Aug/0105.html
http://www.s21sec.com/en/avisos/s21sec-004-en.txt
http://www.securityfocus.com/bid/1554
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5069

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:solaris_answerbook2:1.3:*:*:*:*:*:*:*

cpe:2.3:a:sun:solaris_answerbook2:1.4:*:*:*:*:*:*:*

cpe:2.3:a:sun:solaris_answerbook2:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:sun:solaris_answerbook2:1.4.2:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.0938

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jw3x-m75w-3629

github

больше 3 лет назад