CVE-2002-0892

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message...

CVE-2002-0893

The CVE-2002-0893 entry maps to ServletExec 4.1 ISAPI vulnerability in the JSP10Servlet that enables directory traversal. Multiple connected sources describe that by issuing a URL-encoded "..%5c" (modified dot-dot) to com.newatlanta.servletexec.JSP10Servlet, an attacker can read arbitrary files w...

Multiple bugs in ServletExec ISAPI

Physical path disclosure, directory traversal, DoS, buffer overflow...

NewAtlanta ServletExecISAPI 4.1 JSPServlet - Denial of Service

NewAtlanta ServletExecISAPI 4.1 JSPServlet - Denial of Service // source: https://www.securityfocus.com/bid/4796/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. A denial of service condition occurs when the...

NewAtlanta ServletExecISAPI 4.1 - File Disclosure

NewAtlanta ServletExecISAPI 4.1 - File Disclosure source: https://www.securityfocus.com/bid/4795/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI will disclose the contents of arbitrary files...