PT-2002-1647 · Blahz · Blahz-Dns

Publicado

2002-06-18

Atualizado

2008-09-05

CVE-2002-0599

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Blahz-DNS versions 0.2 and earlier

Description The issue allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs, such as "dostuff.php", instead of going through the login screen.

Recommendations For Blahz-DNS versions 0.2 and earlier, consider restricting direct access to CGI programs like dostuff.php to prevent unauthorized configuration modifications.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0599

Produtos afetados

Blahz-Dns

PT-2002-1647 · Blahz · Blahz-Dns

CVE-2002-0599

Identificadores relacionados

Produtos afetados

Referências · 7