CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2002-2431
https://notcve.org/view.php?id=CVE-2002-2431
Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c. Vulnerabilidad sin especificar en GoAhead WebServer anterior a v2.1.4 permite a atacantes remotos provocar "funcionamiento incorrecto" a través de "código malicioso" desconocido, relacionado con el uso incorrecto de la función "socketInputBuffered" en sockGen.c. • http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-sockgen-c •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2002-2430
https://notcve.org/view.php?id=CVE-2002-2430
GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server. GoAhead WebServer anterior a v2.1.1 permite a actacantes remotos provocar una denegación de servicio (consumo de CPU)implicando una desconexión de socket que finalizará una petición antes de que ésta haya sido totalmente procesada por el servidor. • http://data.goahead.com/Software/Webserver/2.1.8/release.htm#cpu-utilization-hangs-at-100-on-a-socket-disconnect-bug01865 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 3CVE-2002-1951 – GoAhead Web Server 2.1 - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. • https://www.exploit-db.com/exploits/21707 http://freecode.com/projects/embedthis-goahead-webserver/releases/343539 http://osvdb.org/81099 http://www.iss.net/security_center/static/9884.php http://www.securiteam.com/securitynews/5MP0C1580W.html http://www.securityfocus.com/bid/5464 •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1CVE-2002-0680 – GoAhead Web Server 2.1.x - URL Encoded Slash Directory Traversal
https://notcve.org/view.php?id=CVE-2002-0680
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228. Vulnerabilidad de atravesamiento de directorios en GoAhead Web Server 2.1 permite a atacantes remotos mediante una URL con una "/" (carácter barra) codificada (%5C) en una secuencia .. (punto punto) • https://www.exploit-db.com/exploits/21607 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0013.html http://freecode.com/projects/embedthis-goahead-webserver/releases/343539 http://marc.info/?l=bugtraq&m=102631742711795&w=2 http://marc.info/?l=bugtraq&m=102709382714597&w=2 http://osvdb.org/81099 •
CVSS: 5.0EPSS: 5%CPEs: 9EXPL: 4CVE-2002-1603 – GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure
https://notcve.org/view.php?id=CVE-2002-1603
GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed. • https://www.exploit-db.com/exploits/23446 http://aluigi.altervista.org/adv/goahead-adv3.txt http://data.goahead.com/Software/Webserver/2.1.8/release.htm#bug-with-urls-like-asp http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 http://secunia.com/advisories/7741 http://securitytracker.com/id?1005820 http://www.kb.cert.org/vuls/id/124059 http://www.kb.cert.org/vuls/id/975041 http://www.kb.cert.org/vuls/id/R •