bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter.
来源:NVD
Big Brother (BB) 1.5d3之前版本的bb-hist.sh,bb-histlog.sh,bb-hostsvc.sh,bb-rep.sh,bb-replog.sh和bb-ack.sh存在漏洞。远程攻击者可以通过指定HISTFILE参数中的目标文件来确定文件和用户ID的存在。
来源:CNNVD
在 Big Brother (BB) 1.5d3 之前,bb-hist.sh、bb-histlog.sh、bb-hostsvc.sh、bb-rep.sh、bb-replog.sh 和 bb-ack.sh 允许远程攻击者通过在 HISTFILE 参数中指定目标文件来确定文件和用户 ID 的存在。