Unrated severityNVD Advisory· Published Oct 20, 2000· Updated Apr 16, 2026

CVE-2000-0696

Description

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.

Affected products

Sun Corporation/Solaris Answerbook24 versions
cpe:2.3:a:sun:solaris_answerbook2:1.3:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sun:solaris_answerbook2:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solaris_answerbook2:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solaris_answerbook2:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solaris_answerbook2:1.4.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/sun/2000-q3/0001.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/1554nvdExploitPatchVendor Advisory
seclists.org/bugtraq/2000/Aug/0105.htmlnvd
www.s21sec.com/en/avisos/s21sec-004-en.txtnvd
exchange.xforce.ibmcloud.com/vulnerabilities/5069nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000