Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0622

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0622
Last Modified 10 Sep 2008 03:05:13
Published 19 Jul 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0622

Summary

Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.

Vulnerable Systems

Application

  • Oreilly Website Professional 2.3.18

  • Oreilly Website Professional 2.4

  • Oreilly Website Professional 2.4.9


References

CONFIRM - http://website.oreilly.com/support/software/wspro25_releasenotes.txt

XF - website-webfind-bo(4962)

BID - 1487

NAI - 20000719 O'Reilly WebSite Professional Overflow


Last Updated: 27 May 2016 10:35:48