Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1909 | 1 Software602 | 1 602lan Suite | 2024-11-20 | 4.3 MEDIUM | N/A |
The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability. | |||||
CVE-2005-1423 | 1 Software602 | 1 602lan Suite | 2024-11-20 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter. | |||||
CVE-2005-0344 | 1 Software602 | 1 602lan Suite | 2024-11-20 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allows remote authenticated users to upload and execute arbitrary files via a .. (dot dot) in the filename parameter. | |||||
CVE-2004-1502 | 1 Software602 | 1 602lan Suite | 2024-11-20 | 5.0 MEDIUM | N/A |
The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop. | |||||
CVE-2004-1501 | 1 Software602 | 1 602lan Suite | 2024-11-20 | 5.0 MEDIUM | N/A |
The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data. |