CVE-2000-0696
Solaris AnswerBook2 - Unauthenticated User Account Creation via Admin CGI Script
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0696. PoCs published by Lluis Mora.
AI-analyzed exploit summary The exploit describes an authentication bypass vulnerability in AnswerBook2 versions 1.4.2 and prior, allowing remote users to create administration accounts via direct access to the /cgi-bin/admin/admin script. This enables attackers to read log files and manage content.
Description
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.
Exploits (1)
The exploit describes an authentication bypass vulnerability in AnswerBook2 versions 1.4.2 and prior, allowing remote users to create administration accounts via direct access to the /cgi-bin/admin/admin script. This enables attackers to read log files and manage content.