CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0638

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile23.43th
PublishedJul 11, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.

Affected Platforms (CPE)

πŸ“¦
Sean Macguire

Big Brother

= 1.0
πŸ“¦
Sean Macguire

Big Brother

= 1.1
πŸ“¦
Sean Macguire

Big Brother

= 1.2
πŸ“¦
Sean Macguire

Big Brother

= 1.3
πŸ“¦
Sean Macguire

Big Brother

= 1.3b
πŸ“¦
Sean Macguire

Big Brother

= 1.4
πŸ“¦
Sean Macguire

Big Brother

= 1.4g
πŸ“¦
Sean Macguire

Big Brother

= 1.4h
πŸ“¦
Sean Macguire

Big Brother

= 1.4h1
πŸ“¦
Sean Macguire

Big Brother

= 1.09b
πŸ“¦
Sean Macguire

Big Brother

= 1.09c
πŸ“¦
Sean Macguire

Big Brother

= 1.09d

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0146.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0147.html
πŸ”— http://bb4.com/README.CHANGES
πŸ”— http://www.securityfocus.com/bid/1455
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/4879
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0146.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0147.html
πŸ”— http://bb4.com/README.CHANGES

Related Vulnerabilities

CVE-2000-04507.5

Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.

CVE-2000-06397.5

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attack...

CVE-2000-09787.5

bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute arbitrary commands via the "&...

CVE-1999-14625.0

Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrar...