CVE-2002-0613

dnstools < 2.0 beta 4 - Unauthenticated Privilege Escalation via Parameter Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0613. PoCs published by ppp-design.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in DNSTools by manipulating URL parameters to grant administrative access without proper authentication. The attack involves setting specific query parameters to bypass user authentication checks.

Description

dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED
by ppp-design · textwebappsphp
https://www.exploit-db.com/exploits/21425

This exploit demonstrates an authentication bypass vulnerability in DNSTools by manipulating URL parameters to grant administrative access without proper authentication. The attack involves setting specific query parameters to bypass user authentication checks.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: DNSTools (versions unspecified)
No auth needed
Prerequisites: Access to the target DNSTools web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8948.php
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4617
Various Sources x_refsource_confirm
http://www.dnstools.com/dnstools_2.0.1.tar.gz
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0390.html

Scores

EPSS 0.1125
EPSS Percentile 95.4%

Details

Status published
Products (2)
dnstools_software/dnstools 2.0_beta3
dnstools_software/dnstools 2.0_beta4
Published Jun 18, 2002
Tracked Since Feb 18, 2026