Vulnerabilities > CVE-2000-0074 - Unspecified vulnerability in Powerscripts Plusmail

CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
powerscripts
nessus
exploit available

Summary

PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions.

Vulnerable Configurations

Part Description Count
Application
Powerscripts
1

Exploit-Db

  • description: PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability (3). CVE-2000-0074. Remote exploit for cgi platform
    id: EDB-ID:20801
    last seen: 2016-02-02
    modified: 2000-01-20
    published: 2000-01-20
    reporter: ytcracker
    source: https://www.exploit-db.com/download/20801/
    title: PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability 3
  • description: PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability (2). CVE-2000-0074. Remote exploit for cgi platform
    id: EDB-ID:20800
    last seen: 2016-02-02
    modified: 2000-01-11
    published: 2000-01-11
    reporter: missnglnk
    source: https://www.exploit-db.com/download/20800/
    title: PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability 2
  • description: PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability (1). CVE-2000-0074. Remote exploit for cgi platform
    id: EDB-ID:20799
    last seen: 2016-02-02
    modified: 2000-01-11
    published: 2000-01-11
    reporter: Synnergy Networks
    source: https://www.exploit-db.com/download/20799/
    title: PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability 1

Nessus

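NASL family: CGI abuses
NASL id: PLUSMAIL.NASL
description: The 'plusmail' CGI is installed. Some versions of this CGI have a well known security flaw that lets an attacker read arbitrary file with the privileges of the HTTP server.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 10181
published: 2000-01-12
reporter: This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/10181
title: PlusMail plusmail CGI Arbitrary Command Execution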
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Registration pass: when `description` is set the script only declares its
# metadata (ids, texts, scoring, scheduling requirements) and exits before
# any request is sent to a target.
if (description)
{
 # Plugin identity and revision stamp.
 script_id(10181);
 script_version("1.28");
 script_cvs_date("Date: 2018/07/24 18:56:11");

 # Cross-references to the public advisories this plugin is mapped to.
 script_cve_id("CVE-2000-0074");
 script_bugtraq_id(2653);

 # The summary states what is actually tested: presence of the CGI, nothing
 # more. A finding does not establish that the installed version is affected.
 script_name(english:"PlusMail plusmail CGI Arbitrary Command Execution");
 script_summary(english:"Checks for the presence of /cgi-bin/plusmail");

 # NOTE(review): the three texts disagree on impact. The name says command
 # execution, the synopsis says files can be run, and the description says
 # arbitrary file read. The CVE-2000-0074 summary describes command
 # execution; confirm which wording is intended before relying on it for
 # triage.
 script_set_attribute(attribute:"synopsis", value:"Arbitrary files can be run on the remote host.");
 script_set_attribute(attribute:"description", value:
"The 'plusmail' CGI is installed. Some versions of this CGI have a well
known security flaw that lets an attacker read arbitrary file with the
privileges of the HTTP server.");
 script_set_attribute(attribute:"solution", value:"Remove it from /cgi-bin. No patch yet");
  # NOTE(review): the base vector scores partial confidentiality impact only
  # (I:N/A:N), which matches the "read arbitrary file" description but not a
  # command-execution finding. The temporal vector claims RL:OF (official
  # fix) while the solution text says "No patch yet", and E:POC sits next to
  # exploit_available "false". Treat the score and exploit flags from this
  # plugin as unreliable until reconciled.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2000/01/11");
 script_set_attribute(attribute:"plugin_publication_date", value:"2000/01/12");

 # Marked as a potential (unconfirmed) vulnerability, consistent with the
 # presence-only check described in the summary.
 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 # Registered in the information-gathering category under "CGI abuses".
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.");
 script_family(english:"CGI abuses");

 # Scheduling requirements: two dependency scripts, the ParanoidReport
 # setting key, and a web service (Services/www or port 80).
 script_dependencie("webmirror.nasl", "http_version.nasl");
 script_require_keys("Settings/ParanoidReport");
 script_require_ports("Services/www", 80);

 # Metadata only; leave before the check logic below is reached.
 exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

# Presence-only check, so it is gated on the scan's paranoia setting: below
# level 2 the plugin audits out instead of reporting an unconfirmed finding.
if (report_paranoia < 2)
  audit(AUDIT_PARANOID);

# Web server port to test; 80 is passed as the default.
port = get_http_port(default:80);

# Raise a warning on that port when is_cgi_installed3() returns a true value
# for "plusmail". No version or behaviour of the CGI is verified here, so a
# hit needs manual confirmation before it is treated as exploitable.
if (is_cgi_installed3(item:"plusmail", port:port))
  security_warning(port);