OpenCVE

The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Aptis Software	Totalbill

Configuration 1 [-]

cpe:2.3:a:aptis_software:totalbill:3.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2000-08/0074.html
http://www.securityfocus.com/bid/1555

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2000-09-21T04:00:00

Updated: 2024-08-08T05:28:41.461Z

Reserved: 2000-09-19T00:00:00

Link: CVE-2000-0757

Vulnrichment

No data.

NVD

Status : Modified

Published: 2000-10-20T04:00:00.000

Modified: 2024-11-20T23:33:13.140

Link: CVE-2000-0757

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-08-08T00:00:00", "descriptions": [{"lang": "en", "value": "The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2001-12-16T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1555", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1555"}, {"name": "20000808 Exploit for Totalbill...", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0074.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0757", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1555", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1555"}, {"name": "20000808 Exploit for Totalbill...", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0074.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:28:41.461Z"}, "title": "CVE Program Container", "references": [{"name": "1555", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1555"}, {"name": "20000808 Exploit for Totalbill...", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0074.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0757", "datePublished": "2000-09-21T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.461Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}