CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 2CVE-2002-1169 – IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2002-1169
IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to cause a denial of service (crash) via an HTTP request to helpout.exe with a missing HTTP version number, which causes ibmproxy.exe to crash. IBM Web Traffic Express Caching Proxy Server 3.6 y 4.x antes de 4.0.1.26 permite atacantes remotso causar una denegación de servicio (caída) mediante una petición HTTP a helpout.exe sin número de versión HTTP, lo que hace que ibmproxy.exe se caiga. • https://www.exploit-db.com/exploits/21949 http://www-1.ibm.com/support/search.wss?rs=0&q=IY35970&apar=only http://www.iss.net/security_center/static/10452.php http://www.osvdb.org/2090 http://www.rapid7.com/advisories/R7-0007.txt http://www.securityfocus.com/bid/6002 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2002-1168 – IBM Websphere Edge Server 3.69/4.0 - HTTP Header Injection
https://notcve.org/view.php?id=CVE-2002-1168
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response. Vulnerabiliad de scripts en sitios cruzados (XSS) en IBM Web Traffic Express Caching Proxy Server 3.6 y 4.x anteriores a 4.0.1.26 permite a atacantes remotos ejecutar código como otros usuarios mediante una petición HTTP que contiene una cabecera Location: con una secuencia "%0a%0d" (CRLF), lo que de vuelve la Localización como una cabecera HTTP en la respuesta del servidor. • https://www.exploit-db.com/exploits/21948 http://www.iss.net/security_center/static/10454.php http://www.securityfocus.com/bid/6001 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2002-1167 – IBM Websphere Edge Server 3.6/4.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-1167
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request. Vulnerabilidad scripts en sitios cruzados en IBM Web Traffic Express Caching Proxy Server 3.6 y 3.x anteriores a 4.0.1.26 permite a atacantes remotos ejecutar código como otros mediante una petición HTTP GET. • https://www.exploit-db.com/exploits/21947 http://www.iss.net/security_center/static/10453.php http://www.securityfocus.com/bid/6000 •