CyberSec.Space Logo
CVEブラウザに戻る

CVE-2000-0639

HIGH
7.5
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile5.99th
Published2000年6月11日
Last Modified2026年4月16日

Vulnerability Description

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.

Affected Platforms (CPE)

📦
Sean Macguire

Big Brother

= 1.0
📦
Sean Macguire

Big Brother

= 1.1
📦
Sean Macguire

Big Brother

= 1.2
📦
Sean Macguire

Big Brother

= 1.3
📦
Sean Macguire

Big Brother

= 1.3b
📦
Sean Macguire

Big Brother

= 1.4
📦
Sean Macguire

Big Brother

= 1.4g
📦
Sean Macguire

Big Brother

= 1.4h
📦
Sean Macguire

Big Brother

= 1.4h1
📦
Sean Macguire

Big Brother

= 1.09b
📦
Sean Macguire

Big Brother

= 1.09c
📦
Sean Macguire

Big Brother

= 1.09d

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
🔗 http://www.osvdb.org/1472
🔗 http://www.securityfocus.com/bid/1494
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5103
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
🔗 http://www.osvdb.org/1472
🔗 http://www.securityfocus.com/bid/1494
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5103

関連する脆弱性情報

CVE-2000-063810.0

bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HO...

CVE-2000-04507.5

Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.

CVE-2000-09787.5

bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute arbitrary commands via the "&...

CVE-1999-14625.0

Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrar...