Vulnerabilities > CVE-2000-0697 - Remote Command Execution vulnerability in Solaris AnswerBook2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description | Solaris AnswerBook2 Remote Command Execution Vulnerability. CVE-2000-0697. Remote exploit for solaris platform |
id | EDB-ID:20146 |
last seen | 2016-02-02 |
modified | 2000-08-07 |
published | 2000-08-07 |
reporter | Lluis Mora |
source | https://www.exploit-db.com/download/20146/ |
title | Solaris AnswerBook2 - Remote Command Execution Vulnerability |
Nessus
NASL family | Web Servers |
NASL id | DWHTTP_FORMAT_STRING.NASL |
description | The remote web server is vulnerable to a format string attack. An attacker may exploit this vulnerability to cause the web server to crash continually or even execute arbitrary code on the system. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11075 |
published | 2002-08-14 |
reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11075 |
title | Sun AnswerBook2 Web Server dwhttpd GET Request Remote Format String |
code |
|