Unix

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

blackboard

NVD

Published: 2000-07-18

Updated: 2023-11-07

Summary

BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.

Vulnerable Configurations

Part	Description	Count
Application	Blackboard Blackboard Courseinfo Unix Blackboard Courseinfo 4.0	2

References

http://www.securityfocus.com/bid/1486
http://archives.neohapsis.com/archives/bugtraq/2000-07/0254.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/4946
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000719151904.I17986%40securityfocus.com