CVE-2000-1177

Big Brother <1.5d3 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-1177. PoCs published by f8 Research Labs.

AI-analyzed exploit summary The exploit describes an information leakage vulnerability in Big Brother Network Monitor's CGI scripts, allowing remote attackers to verify the existence of sensitive files and user accounts via path traversal in URL parameters. No actual exploit code is provided, only a description and example URL.

Description

bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by f8 Research Labs · textremoteunix
https://www.exploit-db.com/exploits/20413

The exploit describes an information leakage vulnerability in Big Brother Network Monitor's CGI scripts, allowing remote attackers to verify the existence of sensitive files and user accounts via path traversal in URL parameters. No actual exploit code is provided, only a description and example URL.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Big Brother Network Monitor (version not specified)
No auth needed
Prerequisites: Access to the Big Brother Display Server's CGI interface
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Various Sources x_refsource_confirm
http://bb4.com/incident.nov21
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1971
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-11/0284.html

Scores

EPSS 0.0795
EPSS Percentile 94.1%

Details

Status published
Products (1)
bb4/big_brother_network_monitor < 1.5d2
Published Jan 09, 2001
Tracked Since Feb 18, 2026