RSS   Vulnerabilities for 'Servletexec isapi'   RSS

2002-10-04
 
CVE-2002-0894

 

 
NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.

 
 
CVE-2002-0893

 

 
Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.

 
 
CVE-2002-0892

 

 
The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

 

 >>> Vendor: New atlanta communications 3 Products
Servletexec isapi
Bluedragon server
Bluedragon server jx


Copyright 2024, cxsecurity.com

 

Back to Top