Vulnerabilities > CVE-2000-1177 - CGI vulnerability in BB4 Big Brother
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | BB4 Big Brother Network Monitor 1.5 d2 bb-hist.sh HISTFILE Parameter File Existence Disclosure. CVE-2000-1177. Remote exploit for unix platform |
| id | EDB-ID:20413 |
| last seen | 2016-02-02 |
| modified | 2000-11-20 |
| published | 2000-11-20 |
| reporter | f8 Research Labs |
| source | https://www.exploit-db.com/download/20413/ |
| title | BB4 Big Brother Network Monitor 1.5 d2 bb-hist.sh HISTFILE Parameter File Existence Disclosure |