This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Jetty | First view | 2002-10-11 |
| Product | Jetty Http Server | Last view | 2004-12-31 |
| Version | 4.0.3 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:jetty:jetty_http_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2004-12-31 | CVE-2004-2381 | HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length. |
| 5 | 2002-10-11 | CVE-2002-1178 | Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 8948 | Jetty HTTP Server CGIServlet Double Dot Arbitrary File Access |
| 4387 | Jetty HTTP Server HttpRequest.java Content-Length Handling Remote Overflow DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2005-11-03 | Name : Jetty < 4.2.19 Denial of Service File : nvt/jetty_4_1_9_dos.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2005-03-17 | Name: The remote web server is prone to a denial of service attack. File: jetty_4_1_9_dos.nasl - Type: ACT_GATHER_INFO |
