PT-2000-1629 · Oracle · Solaris Answerbook2

Published

2000-10-20

Updated

2017-12-19

CVE-2000-0696

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Solaris AnswerBook2 (affected versions not specified)

Description The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts. This allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0696

Affected Products

Solaris Answerbook2

PT-2000-1629 · Oracle · Solaris Answerbook2

CVE-2000-0696

Related Identifiers

Affected Products

References · 7