CVE-2002-2431
https://notcve.org/view.php?id=CVE-2002-2431
Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c. Vulnerabilidad sin especificar en GoAhead WebServer anterior a v2.1.4 permite a atacantes remotos provocar "funcionamiento incorrecto" a través de "código malicioso" desconocido, relacionado con el uso incorrecto de la función "socketInputBuffered" en sockGen.c. • http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-sockgen-c •
CVE-2002-2430
https://notcve.org/view.php?id=CVE-2002-2430
GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server. GoAhead WebServer anterior a v2.1.1 permite a actacantes remotos provocar una denegación de servicio (consumo de CPU)implicando una desconexión de socket que finalizará una petición antes de que ésta haya sido totalmente procesada por el servidor. • http://data.goahead.com/Software/Webserver/2.1.8/release.htm#cpu-utilization-hangs-at-100-on-a-socket-disconnect-bug01865 • CWE-399: Resource Management Errors •
CVE-2002-1951 – GoAhead Web Server 2.1 - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. • https://www.exploit-db.com/exploits/21707 http://freecode.com/projects/embedthis-goahead-webserver/releases/343539 http://osvdb.org/81099 http://www.iss.net/security_center/static/9884.php http://www.securiteam.com/securitynews/5MP0C1580W.html http://www.securityfocus.com/bid/5464 •
CVE-2002-1603 – GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure
https://notcve.org/view.php?id=CVE-2002-1603
GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed. • https://www.exploit-db.com/exploits/23446 http://aluigi.altervista.org/adv/goahead-adv3.txt http://data.goahead.com/Software/Webserver/2.1.8/release.htm#bug-with-urls-like-asp http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 http://secunia.com/advisories/7741 http://securitytracker.com/id?1005820 http://www.kb.cert.org/vuls/id/124059 http://www.kb.cert.org/vuls/id/975041 http://www.kb.cert.org/vuls/id/R •
CVE-2001-0385 – GoAhead Web Server 2.1 (Windows) - Denial of Service
https://notcve.org/view.php?id=CVE-2001-0385
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. • https://www.exploit-db.com/exploits/20770 http://archives.neohapsis.com/archives/bugtraq/2001-04/0281.html http://freecode.com/projects/embedthis-goahead-webserver/releases/343539 http://osvdb.org/81099 http://www.osvdb.org/6664 http://www.securityfocus.com/bid/2607 https://exchange.xforce.ibmcloud.com/vulnerabilities/6400 •