CVE-2000-0639

critical

Description

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/5103

http://www.osvdb.org/1472

http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html

Details

Source: Mitre, NVD

Published: 2000-06-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.03556