Description
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ppp-design · textwebappsphp
https://www.exploit-db.com/exploits/21425
References (4)
Core 4
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8948.php
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4617
Various Sources x_refsource_confirm
http://www.dnstools.com/dnstools_2.0.1.tar.gz
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0390.html
Scores
EPSS
0.0364
EPSS Percentile
87.9%
Details
Status
published
Products (2)
dnstools_software/dnstools
2.0_beta3
dnstools_software/dnstools
2.0_beta4
Published
Jun 18, 2002
Tracked Since
Feb 18, 2026