← Back

CVE-2000-0696

nvd nist
Published: Oct 20, 2000Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.

Affected (4)

Sun
1 product
Solaris Answerbook2
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Solaris Answerbook2
Version 1.3
Solaris Answerbook2
Version 1.4.1
Solaris Answerbook2
Version 1.4.2
Solaris Answerbook2
Version 1.4

References (10)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.