CVE-2000-0696

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/sun/2000-q3/0001.html	Patch Vendor Advisory
http://seclists.org/bugtraq/2000/Aug/0105.html
http://www.s21sec.com/en/avisos/s21sec-004-en.txt
http://www.securityfocus.com/bid/1554	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5069

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:solaris_answerbook2:1.3:::::::*
	cpe:2.3:a:sun:solaris_answerbook2:1.4:::::::*
	cpe:2.3:a:sun:solaris_answerbook2:1.4.1:::::::*
	cpe:2.3:a:sun:solaris_answerbook2:1.4.2:::::::*

History

No history.

Information

Published : 2000-10-20 04:00

Updated : 2024-02-04 16:31

NVD link : CVE-2000-0696

Mitre link : CVE-2000-0696

CVE.ORG link : CVE-2000-0696

JSON object : View

Products Affected

sun

solaris_answerbook2

CWE

NVD-CWE-Other

{"id": "CVE-2000-0696", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2000-10-20T04:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/sun/2000-q3/0001.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/bugtraq/2000/Aug/0105.html", "source": "cve@mitre.org"}, {"url": "http://www.s21sec.com/en/avisos/s21sec-004-en.txt", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1554", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5069", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script."}], "lastModified": "2017-12-19T02:29:11.207", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:solaris_answerbook2:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A70C7D11-5DEA-473C-AB5A-C3676EAAE668"}, {"criteria": "cpe:2.3:a:sun:solaris_answerbook2:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09366485-E68C-4E5B-8C76-FD6D8CD48B67"}, {"criteria": "cpe:2.3:a:sun:solaris_answerbook2:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E03C0EB-3336-4CF9-8088-CD90E768B1A7"}, {"criteria": "cpe:2.3:a:sun:solaris_answerbook2:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D613BAC-1341-4B6D-971A-9CB9FE4342EF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}