CVE-2000-0639 Information

Description

The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html http://www.osvdb.org/1472 http://www.securityfocus.com/bid/1494 https://exchange.xforce.ibmcloud.com/vulnerabilities/5103