Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities by savant
CVE-2002-2145 (GCVE-0-2002-2145)
Vulnerability from cvelistv5 – Published: 2005-11-16 21:17 – Updated: 2024-09-17 02:27
VLAI
Summary
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10104.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/5709 | vdb-entryx_refsource_BID |
| http://online.securityfocus.com/archive/1/291791 | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "savant-protected-folder-access(10104)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10104.php"
},
{
"name": "5709",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5709"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a \u0027.\u0027 (%2e) at the end of the filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "savant-protected-folder-access(10104)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10104.php"
},
{
"name": "5709",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5709"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a \u0027.\u0027 (%2e) at the end of the filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "savant-protected-folder-access(10104)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10104.php"
},
{
"name": "5709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5709"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/291791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2145",
"datePublished": "2005-11-16T21:17:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:27:51.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2146 (GCVE-0-2002-2146)
Vulnerability from cvelistv5 – Published: 2005-11-16 21:17 – Updated: 2024-09-16 22:30
VLAI
Summary
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/5706 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/10102.php | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0151.html"
},
{
"name": "5706",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5706"
},
{
"name": "savant-cgitest-bo(10102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10102.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0151.html"
},
{
"name": "5706",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5706"
},
{
"name": "savant-cgitest-bo(10102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10102.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0151.html"
},
{
"name": "5706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5706"
},
{
"name": "savant-cgitest-bo(10102)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10102.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2146",
"datePublished": "2005-11-16T21:17:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:30:38.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2859 (GCVE-0-2005-2859)
Vulnerability from cvelistv5 – Published: 2005-09-08 04:00 – Updated: 2024-09-17 01:01
VLAI
Summary
Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/16666 | third-party-advisoryx_refsource_SECUNIA |
| http://k.domaindlx.com/shellcore/advisories.asp?b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:28.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16666"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Savant Web Server stores user credentials in plaintext in the Savant\\Users registry key, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-09-08T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16666"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Savant Web Server stores user credentials in plaintext in the Savant\\Users registry key, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16666"
},
{
"name": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84",
"refsource": "MISC",
"url": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2859",
"datePublished": "2005-09-08T04:00:00.000Z",
"dateReserved": "2005-09-08T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:48.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1828 (GCVE-0-2002-1828)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-09-16 19:15
VLAI
Summary
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/5707 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/10103.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/archive/1/291791 | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5707",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5707"
},
{
"name": "savant-neg-content-dos(10103)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10103.php"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5707",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5707"
},
{
"name": "savant-neg-content-dos(10103)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10103.php"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5707"
},
{
"name": "savant-neg-content-dos(10103)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10103.php"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/291791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1828",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-28T04:00:00.000Z",
"dateUpdated": "2024-09-16T19:15:54.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0338 (GCVE-0-2005-0338)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:13
VLAI
Summary
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://marc.info/?l=full-disclosure&m=11072844802… | mailing-listx_refsource_FULLDISC |
| http://marc.info/?l=bugtraq&m=110756234611259&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/12429 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11072568232… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2005-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:53.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110728448025559\u0026w=2"
},
{
"name": "20050204 Exploit For Savant Web Server 3.1 (tested on win2003)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110756234611259\u0026w=2"
},
{
"name": "12429",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12429"
},
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110725682327452\u0026w=2"
},
{
"name": "savant-bo(19177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110728448025559\u0026w=2"
},
{
"name": "20050204 Exploit For Savant Web Server 3.1 (tested on win2003)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110756234611259\u0026w=2"
},
{
"name": "12429",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12429"
},
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110725682327452\u0026w=2"
},
{
"name": "savant-bo(19177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110728448025559\u0026w=2"
},
{
"name": "20050204 Exploit For Savant Web Server 3.1 (tested on win2003)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110756234611259\u0026w=2"
},
{
"name": "12429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12429"
},
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110725682327452\u0026w=2"
},
{
"name": "savant-bo(19177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0338",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:53.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1120 (GCVE-0-2002-1120)
Vulnerability from cvelistv5 – Published: 2002-09-12 04:00 – Updated: 2024-08-08 03:12
VLAI
Summary
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10076.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/5686 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/16770/ | exploitx_refsource_EXPLOIT-DB |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
Date Public
2002-09-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "savant-long-url-bo(10076)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10076.php"
},
{
"name": "5686",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5686"
},
{
"name": "16770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/16770/"
},
{
"name": "20020910 Foundstone Labs Advisory - Buffer Overflow in Savant Web Server",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-04T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "savant-long-url-bo(10076)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10076.php"
},
{
"name": "5686",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5686"
},
{
"name": "16770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/16770/"
},
{
"name": "20020910 Foundstone Labs Advisory - Buffer Overflow in Savant Web Server",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "savant-long-url-bo(10076)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10076.php"
},
{
"name": "5686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5686"
},
{
"name": "16770",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/16770/"
},
{
"name": "20020910 Foundstone Labs Advisory - Buffer Overflow in Savant Web Server",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1120",
"datePublished": "2002-09-12T04:00:00.000Z",
"dateReserved": "2002-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:16.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2859 (GCVE-0-2005-2859)
Vulnerability from nvd – Published: 2005-09-08 04:00 – Updated: 2024-09-17 01:01
VLAI
Summary
Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/16666 | third-party-advisoryx_refsource_SECUNIA |
| http://k.domaindlx.com/shellcore/advisories.asp?b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:28.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16666"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Savant Web Server stores user credentials in plaintext in the Savant\\Users registry key, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-09-08T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16666"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Savant Web Server stores user credentials in plaintext in the Savant\\Users registry key, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16666"
},
{
"name": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84",
"refsource": "MISC",
"url": "http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=84"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2859",
"datePublished": "2005-09-08T04:00:00.000Z",
"dateReserved": "2005-09-08T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:48.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0338 (GCVE-0-2005-0338)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:13
VLAI
Summary
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://marc.info/?l=full-disclosure&m=11072844802… | mailing-listx_refsource_FULLDISC |
| http://marc.info/?l=bugtraq&m=110756234611259&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/12429 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11072568232… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2005-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:53.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110728448025559\u0026w=2"
},
{
"name": "20050204 Exploit For Savant Web Server 3.1 (tested on win2003)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110756234611259\u0026w=2"
},
{
"name": "12429",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12429"
},
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110725682327452\u0026w=2"
},
{
"name": "savant-bo(19177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110728448025559\u0026w=2"
},
{
"name": "20050204 Exploit For Savant Web Server 3.1 (tested on win2003)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110756234611259\u0026w=2"
},
{
"name": "12429",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12429"
},
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110725682327452\u0026w=2"
},
{
"name": "savant-bo(19177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110728448025559\u0026w=2"
},
{
"name": "20050204 Exploit For Savant Web Server 3.1 (tested on win2003)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110756234611259\u0026w=2"
},
{
"name": "12429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12429"
},
{
"name": "20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110725682327452\u0026w=2"
},
{
"name": "savant-bo(19177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0338",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:53.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1828 (GCVE-0-2002-1828)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-09-16 19:15
VLAI
Summary
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/5707 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/10103.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/archive/1/291791 | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5707",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5707"
},
{
"name": "savant-neg-content-dos(10103)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10103.php"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5707",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5707"
},
{
"name": "savant-neg-content-dos(10103)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10103.php"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5707"
},
{
"name": "savant-neg-content-dos(10103)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10103.php"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/291791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1828",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-28T04:00:00.000Z",
"dateUpdated": "2024-09-16T19:15:54.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2145 (GCVE-0-2002-2145)
Vulnerability from nvd – Published: 2005-11-16 21:17 – Updated: 2024-09-17 02:27
VLAI
Summary
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10104.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/5709 | vdb-entryx_refsource_BID |
| http://online.securityfocus.com/archive/1/291791 | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "savant-protected-folder-access(10104)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10104.php"
},
{
"name": "5709",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5709"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a \u0027.\u0027 (%2e) at the end of the filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "savant-protected-folder-access(10104)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10104.php"
},
{
"name": "5709",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5709"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/291791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a \u0027.\u0027 (%2e) at the end of the filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "savant-protected-folder-access(10104)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10104.php"
},
{
"name": "5709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5709"
},
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/291791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2145",
"datePublished": "2005-11-16T21:17:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:27:51.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2146 (GCVE-0-2002-2146)
Vulnerability from nvd – Published: 2005-11-16 21:17 – Updated: 2024-09-16 22:30
VLAI
Summary
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/5706 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/10102.php | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0151.html"
},
{
"name": "5706",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5706"
},
{
"name": "savant-cgitest-bo(10102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10102.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0151.html"
},
{
"name": "5706",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5706"
},
{
"name": "savant-cgitest-bo(10102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10102.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020913 Savant 3.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0151.html"
},
{
"name": "5706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5706"
},
{
"name": "savant-cgitest-bo(10102)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10102.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2146",
"datePublished": "2005-11-16T21:17:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:30:38.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1120 (GCVE-0-2002-1120)
Vulnerability from nvd – Published: 2002-09-12 04:00 – Updated: 2024-08-08 03:12
VLAI
Summary
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10076.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/5686 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/16770/ | exploitx_refsource_EXPLOIT-DB |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
Date Public
2002-09-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "savant-long-url-bo(10076)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10076.php"
},
{
"name": "5686",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5686"
},
{
"name": "16770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/16770/"
},
{
"name": "20020910 Foundstone Labs Advisory - Buffer Overflow in Savant Web Server",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-04T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "savant-long-url-bo(10076)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10076.php"
},
{
"name": "5686",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5686"
},
{
"name": "16770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/16770/"
},
{
"name": "20020910 Foundstone Labs Advisory - Buffer Overflow in Savant Web Server",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "savant-long-url-bo(10076)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10076.php"
},
{
"name": "5686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5686"
},
{
"name": "16770",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/16770/"
},
{
"name": "20020910 Foundstone Labs Advisory - Buffer Overflow in Savant Web Server",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1120",
"datePublished": "2002-09-12T04:00:00.000Z",
"dateReserved": "2002-09-10T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:16.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}