CVE-2002-1023 – Working Resources BadBlue 1.7.3 - GET Denial of Service
https://notcve.org/view.php?id=CVE-2002-1023
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. • https://www.exploit-db.com/exploits/21600 http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html http://www.iss.net/security_center/static/9528.php http://www.securityfocus.com/bid/5187 •
CVE-2002-1021 – Working Resources 1.7.3 BadBlue - Null Byte File Disclosure
https://notcve.org/view.php?id=CVE-2002-1021
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte. • https://www.exploit-db.com/exploits/21616 http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html http://www.iss.net/security_center/static/9557.php http://www.securityfocus.com/bid/5226 •
CVE-2002-1022
https://notcve.org/view.php?id=CVE-2002-1022
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html http://www.iss.net/security_center/static/9558.php http://www.securityfocus.com/bid/5228 •