Vulnerabilities > CVE-2000-0757 - Remote Command Execution vulnerability in Aptis Software Totalbill 3.0

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

aptis-software

critical

exploit available

NVD

Published: 2000-10-20

Updated: 2008-09-05

Summary

The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.

Vulnerable Configurations

Part	Description	Count
Application	Aptis_Software Aptis Software Totalbill 3.0	1

Exploit-Db

description	Aptis Software TotalBill 3.0 Remote Command Execution Vulnerability. CVE-2000-0757. Remote exploit for linux platform
id	EDB-ID:20145
last seen	2016-02-02
modified	2000-08-08
published	2000-08-08
reporter	Brian Masney
source	https://www.exploit-db.com/download/20145/
title	Aptis Software TotalBill 3.0 - Remote Command Execution Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References