CVE-2000-0149

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Feb 8, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0149 is a vulnerability affecting the Zeus web server. Malicious actors can exploit this issue by inserting a null character (%00) at the end of a URL for a CGI program. By doing so, they gain unauthorized access to the source code of the affected CGI application. This vulnerability poses a significant risk to web servers running the Zeus software if not immediately patched. Attackers can use this information to identify and potentially exploit other vulnerabilities within the targeted system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlTOK
https://www.cve.org/CVERecord?id=CVE-2000-0149
https://nvd.nist.gov/vuln/detail/CVE-2000-0149

Back to Vulnerability Database

CVE-2000-0149

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations