Vulnerability Description
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| T. Hauck | Jana Web Server | 1.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9688.phpVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html
- http://www.iss.net/security_center/static/9688.phpVendor Advisory
FAQ
What is CVE-2002-1065?
CVE-2002-1065 is a vulnerability with a CVSS score of 7.5 (HIGH). Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute ...
How severe is CVE-2002-1065?
CVE-2002-1065 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1065?
Check the references section above for vendor advisories and patch information. Affected products include: T. Hauck Jana Web Server.