exploitDog

CVE-2000-1025

Опубликовано: 11 дек. 2000

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.

Ссылки

http://marc.info/?l=bugtraq&m=97295224226042&w=2
http://www.securityfocus.com/bid/1868
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5435
http://marc.info/?l=bugtraq&m=97295224226042&w=2
http://www.securityfocus.com/bid/1868
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5435

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:unify:ewave_servletexec:3.0c:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07404

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-w5ff-3m7r-fmgf

github

почти 4 года назад

eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.

EPSS

Процентиль: 92%

0.07404

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other