Information Disclosure in Big Brother (BB) Shell Scripts

Information Disclosure in Big Brother (BB) Shell Scripts

CVE-2000-1177 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter.

Learn more about our User Device Pen Test.