Remote Command Execution Vulnerability in Solaris AnswerBook2 by Sun Microsystems
CVE-2000-0697

Currently unrated

Key Information:

Vendor: Oracle
Status: Solaris Answerbook2
Vendor: CVE Published:; 20 October 2000

What is CVE-2000-0697?

The Solaris AnswerBook2's dwhttpd web server features a critical vulnerability that allows attackers to remotely execute commands by exploiting shell metacharacters. This flaw can enable unauthorized users to initiate system commands, potentially compromising the server's integrity and confidentiality. It is essential for administrators to apply necessary security patches and configurations to mitigate any risks associated with this vulnerability.

References

http://www.iss.net/security_center/static/5058.php

vdb-entryx_refsource_XF

http://www.s21sec.com/en/avisos/s21sec-004-en.txt

x_refsource_MISC

http://www.securityfocus.com/bid/1556

vdb-entryx_refsource_BID

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 20, 2000
Vulnerability Reserved
Sep 19, 2000

Oracle

What is CVE-2000-0697?

References

EPSS Score

Timeline