Description
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ppp-design · textwebappsphp
https://www.exploit-db.com/exploits/21426
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/5178
Product x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=87004
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8951.php
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0395.html
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4618
Scores
EPSS
0.0475
EPSS Percentile
89.5%
Details
Status
published
Products (1)
blahz-dns/blahz-dns
0.2
Published
Jun 18, 2002
Tracked Since
Feb 18, 2026