|Vulnerability||Severity Score||Release Date||Summary|
|CVE-2000-0638||10.0||July 11, 2000||
bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.
|CVE-2000-0450||7.5||May 18, 2000||
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.
|CVE-2000-0639||7.5||June 11, 2000||
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.