Description
bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by f8 Research Labs · textremoteunix
https://www.exploit-db.com/exploits/20413
References (3)
Core 3
Core References
Various Sources x_refsource_confirm
http://bb4.com/incident.nov21
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1971
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-11/0284.html
Scores
EPSS
0.1297
EPSS Percentile
94.1%
Details
Status
published
Products (1)
bb4/big_brother_network_monitor
< 1.5d2
Published
Jan 09, 2001
Tracked Since
Feb 18, 2026