Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0627

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0627
Last Modified 05 Sep 2008 04:21:29
Published 18 Jul 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0627

Summary

BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.

Vulnerable Systems

Application

  • Blackboard Courseinfo 4.0

  • Blackboard Courseinfo Unix


References

XF - blackboard-courseinfo-dbase-modification

BID - 1486

BUGTRAQ - 20000718 Blackboard Courseinfo v4.0 User Authentication

BUGTRAQ - 20000719 Security Fix for Blackboard CourseInfo 4.0


Last Updated: 27 May 2016 10:35:48