CVE-2001-0558

T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0).

Published: Aug 14, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0558
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
t._hauck / jana_web_server	2.0b2	2.0b2.x
t._hauck / jana_web_server	2.0beta1	2.0beta1.x
t._hauck / jana_web_server	1.45	1.45.x
t._hauck / jana_web_server	1.46	1.46.x

http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html
http://www.osvdb.org/1817
http://www.securityfocus.com/bid/2704
https://exchange.xforce.ibmcloud.com/vulnerabilities/6521

Vulnerability Database

289,871

CVE-2001-0558