CVE-2000-0757 — HIGH (10.0)

Vulnerability Description

The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Aptis Software	Totalbill	3.0

References

http://archives.neohapsis.com/archives/bugtraq/2000-08/0074.htmlVendor Advisory
http://www.securityfocus.com/bid/1555ExploitVendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2000-08/0074.htmlVendor Advisory
http://www.securityfocus.com/bid/1555ExploitVendor Advisory

FAQ

What is CVE-2000-0757?

CVE-2000-0757 is a vulnerability with a CVSS score of 10.0 (HIGH). The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.

How severe is CVE-2000-0757?

CVE-2000-0757 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2000-0757?

Check the references section above for vendor advisories and patch information. Affected products include: Aptis Software Totalbill.