CVE-2004-2381
https://notcve.org/view.php?id=CVE-2004-2381
HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length. • http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76 http://secunia.com/advisories/11166 http://sourceforge.net/project/shownotes.php?release_id=224743 http://www.osvdb.org/4387 http://www.securityfocus.com/bid/9917 https://exchange.xforce.ibmcloud.com/vulnerabilities/15537 •
CVE-2002-1533 – Jetty 4.1 Servlet Engine - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-1533
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a). Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Jetty JSP servlet engine permite a atacantes remotos insertar HTML arbitrario o rutinas vía petición HTTP a un fichero .jsp cuyo nombre contiene la rutina maliciosa y algunos caracteres de nueva linea (%0a). • https://www.exploit-db.com/exploits/21875 http://archives.neohapsis.com/archives/bugtraq/2002-09/0337.html http://www.iss.net/security_center/static/10219.php http://www.securityfocus.com/bid/5821 •
CVE-2002-1178 – Jetty 3.1.6/3.1.7/4.1 Servlet Engine - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2002-1178
Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory. Vulnerabilidad de atravesamiento de directorios en el CGIServlet en Jetty HHTP server anteriores a 4.1.0 permite a atacantes remotos leer ficheros arbitrarios mediante secuencias .. (punto punto barra invertida) en peticiones HTTP al directorio cgi-bin. • https://www.exploit-db.com/exploits/21895 http://groups.yahoo.com/group/jetty-announce/message/45 http://marc.info/?l=bugtraq&m=103358725813039&w=2 http://www.iss.net/security_center/static/10246.php http://www.securityfocus.com/bid/5852 http://www.westpoint.ltd.uk/advisories/wp-02-0011.txt •