Sean Macguire : Security Vulnerabilities, CVEs,
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.
Max CVSS
7.5
EPSS Score
1.00%
Published
2000-06-11
Updated
2017-10-10
bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.
Max CVSS
10.0
EPSS Score
5.38%
Published
2000-07-11
Updated
2017-10-10
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
1.75%
Published
2000-05-18
Updated
2008-09-10
3 vulnerabilities found