Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0697

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0697
Last Modified 24 Sep 2008 12:07:12
Published 20 Oct 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0697

Summary

The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.

Vulnerable Systems

Application

  • Sun Solaris Answerbook2 1.3

  • Sun Solaris Answerbook2 1.4

  • Sun Solaris Answerbook2 1.4.1

  • Sun Solaris Answerbook2 1.4.2


References

BID - 1556

SUN - 00196

MISC - http://www.s21sec.com/en/avisos/s21sec-004-en.txt

XF - solaris-answerbook2-remote-execution(5058)

BUGTRAQ - 20000807 Vulnerabilities in Sun Solaris AnswerBook2 dwhttpd server


Last Updated: 27 May 2016 10:35:50