Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html | |
http://www.iss.net/security_center/static/9688.php | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-08-31T04:00:00
Updated: 2002-09-10T09:00:00
Reserved: 2002-08-30T00:00:00
Link: CVE-2002-1065
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-10-04T04:00:00.000
Modified: 2008-09-05T20:29:41.393
Link: CVE-2002-1065
JSON object: View
Redhat Information
No data.
CWE