Arbitrary Command Execution via Default Configuration in Big Brother 1.4h2 and Earlier

Arbitrary Command Execution via Default Configuration in Big Brother 1.4h2 and Earlier

CVE-2000-0639 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.

Learn more about our Web App Pen Testing.