CVE-2000-0177
published 2000-03-02CVE-2000-0177: DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
PriorityP341critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
9.92%
95.0th percentile
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dnstools_software | dnstools | <= 1.0.8 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038)
exploitdb·2000-05-31
CVE-2000-0495 Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038)
Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038)
---
// source: https://www.securityfocus.com/bid/1282/info
Windows Media Encoder is part of Windows Media Services. It's purpose is to convert content into a suitable format for video or audio streaming through the Media Services.
If a specially malformed request is sent to the Windows Media Encoder it could cause the service to crash. The service would need to be restarted in order to regain normal functionality.
/*
*
* Media Streaming Broadcast Distribution (MSBD)
* Denial of Service Attack
*
* (C) 2000 Kit Knox - Public Release: 05/31/00
*
* Causes the Windows Media Encoder to crash with a "Runtime Error!"
*
* "NSREX caused an invalid page fault in module MFC42.DLL at 0177:5f4012a1".
*
* Tested on version 4.1.0
Exploit-DB
DNSTools Software DNSTools 1.0.8/1.10 - Input Validation
exploitdb·2000-03-02
CVE-2000-0177 DNSTools Software DNSTools 1.0.8/1.10 - Input Validation
DNSTools Software DNSTools 1.0.8/1.10 - Input Validation
---
source: https://www.securityfocus.com/bid/1028/info
A vulnerability exists in the 1.0.8 release of DNSTools (labeled on some areas of their site as 1.08), from DNSTools Software. By manipulating the contents of certain post variables, arbitrary code may be executed.
Note that version 1.10 is reportedly still vulnerable. See message from Wolfgang Wiese in reference section.
The problem stems from the following code:
$host_name = $CGI->param("host_name");
$domain_name = $CGI->param("domain_name");
$error_description = "";
my $error_code = system("/usr/local/dnstools/delete_mx -d \"$domain_name\" -n \"$host_name\"");
No escaping or input validation is performed. This makes it easy for a would be attacker to execute arbitrary
No writeups or analysis indexed.
2000-03-02
Published