PT-2000-1556 · O'Reilly · O'Reilly Website Professional

Published

2000-07-19

Updated

2017-10-10

CVE-2000-0622

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions O'Reilly WebSite Professional web server versions 2.x

Description A buffer overflow issue exists in the Webfind CGI program, allowing remote attackers to execute arbitrary commands via a URL containing a long keywords parameter.

Recommendations For O'Reilly WebSite Professional web server versions 2.x, consider restricting access to the Webfind CGI program until a patch is available. As a temporary workaround, avoid using long keywords parameters in URLs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0622

Affected Products

O'Reilly Website Professional

PT-2000-1556 · O'Reilly · O'Reilly Website Professional

CVE-2000-0622

Related Identifiers

Affected Products

References · 7