Vulnerabilities > CVE-2002-1066 - Unspecified vulnerability in T. Hauck Jana web Server

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

t-hauck

NVD

Published: 2002-10-04

Updated: 2024-11-20

Summary

Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a buffer overflow attack.

Vulnerable Configurations

Part	Description	Count
Application	T._Hauck T. Hauck Jana WEB Server 1.0 T. Hauck Jana WEB Server 2.0 T. Hauck Jana WEB Server 2.2.1 T. Hauck Jana WEB Server 2.0_Beta2 T. Hauck Jana WEB Server 1.45 T. Hauck Jana WEB Server 2.0_Beta1 T. Hauck Jana WEB Server 1.46	7

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
http://www.iss.net/security_center/static/9689.php
http://www.iss.net/security_center/static/9689.php
http://www.securityfocus.com/bid/5327
http://www.securityfocus.com/bid/5327