CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0639

HIGH
7.5
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile5.99th
PublishedJun 11, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.

Affected Platforms (CPE)

πŸ“¦
Sean Macguire

Big Brother

= 1.0
πŸ“¦
Sean Macguire

Big Brother

= 1.1
πŸ“¦
Sean Macguire

Big Brother

= 1.2
πŸ“¦
Sean Macguire

Big Brother

= 1.3
πŸ“¦
Sean Macguire

Big Brother

= 1.3b
πŸ“¦
Sean Macguire

Big Brother

= 1.4
πŸ“¦
Sean Macguire

Big Brother

= 1.4g
πŸ“¦
Sean Macguire

Big Brother

= 1.4h
πŸ“¦
Sean Macguire

Big Brother

= 1.4h1
πŸ“¦
Sean Macguire

Big Brother

= 1.09b
πŸ“¦
Sean Macguire

Big Brother

= 1.09c
πŸ“¦
Sean Macguire

Big Brother

= 1.09d

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
πŸ”— http://www.osvdb.org/1472
πŸ”— http://www.securityfocus.com/bid/1494
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5103
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
πŸ”— http://www.osvdb.org/1472
πŸ”— http://www.securityfocus.com/bid/1494
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5103

Related Vulnerabilities

CVE-2000-063810.0

bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HO...

CVE-2000-04507.5

Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.

CVE-2000-09787.5

bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute arbitrary commands via the "&...

CVE-1999-14625.0

Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrar...