| Vulnerability Name: | CVE-2000-1177 (CCN-5560) | ||||||||
| Assigned: | 2000-11-20 | ||||||||
| Published: | 2000-11-20 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: BUGTRAQ Type: Patch, Vendor Advisory 20001121 Big Brother Advisory - Fate Research Labs Source: CCN Type: Big Brother Advisory 20001120: Fate Research Labs File Discovery Vulnerability Source: CONFIRM Type: UNKNOWN http://bb4.com/incident.nov21 Source: MITRE Type: CNA CVE-2000-1177 Source: CCN Type: Big Brother Systems and Network Monitor Web site Download Source: CCN Type: OSVDB ID: 9438 Big Brother bb-hist.sh HISTFILE Parameter File Existence Disclosure Source: CCN Type: OSVDB ID: 9439 Big Brother bb-histlog.sh HISTFILE Parameter File Existence Disclosure Source: CCN Type: OSVDB ID: 9440 Big Brother bb-hostsvc.sh HISTFILE Parameter File Existence Disclosure Source: CCN Type: OSVDB ID: 9441 Big Brother bb-rep.sh HISTFILE Parameter File Existence Disclosure Source: CCN Type: OSVDB ID: 9442 Big Brother bb-replog.sh HISTFILE Parameter File Existence Disclosure Source: CCN Type: OSVDB ID: 9443 Big Brother bb-ack.sh HISTFILE Parameter File Existence Disclosure Source: BID Type: Exploit, Patch, Vendor Advisory 1971 Source: CCN Type: BID-1971 BB4 Big Brother Multiple CGI Vulnerabilities Source: XF Type: UNKNOWN bb-cgi-brute-force(5560) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||