CVE-2002-1065 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-1065

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.

Affected Software

Name	Vendor	Start Version	End Version
Jana_web_server	T._hauck	1.0 (including)	1.0 (including)
Jana_web_server	T._hauck	1.45 (including)	1.45 (including)
Jana_web_server	T._hauck	1.46 (including)	1.46 (including)
Jana_web_server	T._hauck	2.0 (including)	2.0 (including)
Jana_web_server	T._hauck	2.0_beta1 (including)	2.0_beta1 (including)
Jana_web_server	T._hauck	2.0_beta2 (including)	2.0_beta2 (including)
Jana_web_server	T._hauck	2.2.1 (including)	2.2.1 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
http://www.iss.net/security_center/static/9688.php