Vulnerability Details CVE-2002-1063
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9687.php
- http://www.securityfocus.com/bid/5325
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9687.php
- http://www.securityfocus.com/bid/5325
Products affected by CVE-2002-1063
-
cpe:2.3:a:t._hauck:jana_web_server:1.0
-
cpe:2.3:a:t._hauck:jana_web_server:1.45
-
cpe:2.3:a:t._hauck:jana_web_server:1.46
-
cpe:2.3:a:t._hauck:jana_web_server:2.0
-
cpe:2.3:a:t._hauck:jana_web_server:2.0_beta1
-
cpe:2.3:a:t._hauck:jana_web_server:2.0_beta2
-
cpe:2.3:a:t._hauck:jana_web_server:2.2.1