VULHUB ™

Big Brother up to version 1.4H2 contains a remote vulnerability which allows remote users to create a filename with an arbitrary extension. Since the file is droped into a directory accessible via the web server, any file extension that is parsed server side can be abused and commands can be executed remotely.

Big Brother up to version 1.4H2 contains a remote vulnerability which allows remote users to create a filename with an arbitrary extension. Since the file is droped into a directory accessible via the web server, any file extension that is parsed server side can be abused and commands can be executed remotely.