CVE-2002-1062 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-1062

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.

Affected Software

Name	Vendor	Start Version	End Version
Jana_web_server	T._hauck	1.0 (including)	1.0 (including)
Jana_web_server	T._hauck	1.45 (including)	1.45 (including)
Jana_web_server	T._hauck	1.46 (including)	1.46 (including)
Jana_web_server	T._hauck	2.0 (including)	2.0 (including)
Jana_web_server	T._hauck	2.0_beta1 (including)	2.0_beta1 (including)
Jana_web_server	T._hauck	2.0_beta2 (including)	2.0_beta2 (including)
Jana_web_server	T._hauck	2.2.1 (including)	2.2.1 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
http://www.iss.net/security_center/static/9684.php
http://www.securityfocus.com/bid/5321