PT-2000-1561 · Blackboard · Blackboard Courseinfo
Published: 2000-07-18 · Updated: 2017-10-10 · CVE-2000-0627
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
BlackBoard CourseInfo version 4.0
Description
The issue concerns improper user authentication, allowing local users to modify database information and gain privileges. This can be achieved by directly calling supporting CGI programs, such as user_update_passwd.pl and user_update_admin.pl.
Recommendations
For BlackBoard CourseInfo version 4.0, consider restricting access to the CGI programs user_update_passwd.pl and user_update_admin.pl to prevent unauthorized modifications to the database. Additionally, review and strengthen the authentication mechanism to ensure proper validation of user credentials.
Affected products
Blackboard Courseinfo