CVE-2000-0689

EPSS 7.8%

Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.

Affected products

n/a · n/a

public PoCs found — 2

exploitdbwww.exploit-db.com/exploits/20164unverified exploitdbwww.exploit-db.com/exploits/20165unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5125 http://www.cgiscriptcenter.com/acctlite/http://www.osvdb.org/13341 http://www.securityfocus.com/bid/1604