CVE Vulnerabilities

CVE-2002-1065

Published: Oct 04, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.

Affected Software

Name Vendor Start Version End Version
Jana_web_server T._hauck 1.0 1.0
Jana_web_server T._hauck 2.0 2.0
Jana_web_server T._hauck 2.2.1 2.2.1
Jana_web_server T._hauck 2.0_beta2 2.0_beta2
Jana_web_server T._hauck 1.45 1.45
Jana_web_server T._hauck 2.0_beta1 2.0_beta1
Jana_web_server T._hauck 1.46 1.46

References