PT-2002-1647 · Blahz · Blahz-Dns

Published

2002-06-18

Updated

2008-09-05

CVE-2002-0599

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Blahz-DNS versions 0.2 and earlier

Description The issue allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs, such as "dostuff.php", instead of going through the login screen.

Recommendations For Blahz-DNS versions 0.2 and earlier, consider restricting direct access to CGI programs like dostuff.php to prevent unauthorized configuration modifications.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0599

Affected Products

Blahz-Dns

PT-2002-1647 · Blahz · Blahz-Dns

CVE-2002-0599

Related Identifiers

Affected Products

References · 7