Vulnerability Description
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blahz-Dns | Blahz-Dns | 0.2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0395.htmlPatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=87004
- http://www.iss.net/security_center/static/8951.phpPatchVendor Advisory
- http://www.osvdb.org/5178
- http://www.securityfocus.com/bid/4618ExploitPatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0395.htmlPatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=87004
- http://www.iss.net/security_center/static/8951.phpPatchVendor Advisory
- http://www.osvdb.org/5178
- http://www.securityfocus.com/bid/4618ExploitPatchVendor Advisory
FAQ
What is CVE-2002-0599?
CVE-2002-0599 is a vulnerability with a CVSS score of 10.0 (HIGH). Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
How severe is CVE-2002-0599?
CVE-2002-0599 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0599?
Check the references section above for vendor advisories and patch information. Affected products include: Blahz-Dns Blahz-Dns.