10 matches found
CVE-2002-2174
The CVE-2002-2174 entry concerns the Telnet proxy in 602Pro LAN SUITE 2002, which does not limit outstanding connections to the local host. This can allow remote attackers to cause denial of service through memory consumption by opening a large number of connections. The available sources identif...
CVE-2004-0336
The CVE-2004-0336 issue affects LAN SUITE Web Mail 602Pro, where a vulnerability in the mail login form allows remote attackers to obtain the path to the mail directory, exposing sensitive information. The core cause is disclosure of internal file paths via the login interface. Impact is informat...
CVE-2001-0447
CVE-2001-0447 affects the Web configuration server component of 602Pro LAN SUITE. A crafted long HTTP request containing %2e (dot dot) characters can trigger a denial of service and may allow arbitrary command execution. This is documented across NVD and CVE records; no explicit exploit code or i...
CVE-2004-0335
CVE-2004-0335 affects LAN SUITE Web Mail 602Pro when the “Directory browsing” feature is enabled. A remote attacker can obtain a directory listing by requesting (1) index.html, (2) cgi-bin/, or (3) users/ via HTTP. The vulnerability allows partial confidentiality impact with network access and lo...
CVE-2001-0448
The CVE-2001-0448 entry concerns the Web Configuration Server in 602Pro LAN SUITE. It is exploitable by remote attackers via an HTTP GET request to the aux directory (and possibly other directories with legacy DOS device names), causing a denial of service. The cited CVSS data indicates a network...
CVE-2002-2152
The CVE-2002-2152 entry concerns the Czech edition of Software602’s Web Server prior to 2002.0.02.0916. Affected component: web server software; vulnerability: remote attackers can gain administrator privileges by directly requesting /admin/, which is not password protected. Underlying cause: lac...
CVE-2007-3203
CVE-2007-3203 : A stack-based buffer overflow in smtpdll.dll of the SMTP service in 602Pro LAN SUITE 2003 (version 2003.0.03.0828) allows remote attackers to execute arbitrary code via an e-mail message containing a long address. This is a confirmed vulnerability with CVSS v2 base score 7.5 (Netw...
CVE-2004-0337
The CVE-2004-0337 entry documents a cross-site scripting vulnerability in LAN SUITE Web Mail 602Pro. An attacker could craft a URL to index.html with a trailing slash and script payload to execute arbitrary script/HTML as another user. The vendor notes the bug could not be reproduced, leaving unc...
CVE-2002-1928
The CVE-2002-1928 entry concerns 602Pro LAN SUITE 2002, where remote attackers can view the directory tree by issuing an HTTP GET request with a trailing tilde (~) or a .bak extension. The connected sources reiterate this same behavior but do not provide additional technical details, affected ver...
CVE-2000-1115
The CVE-2000-1115 flaw affects the 602Pro LAN SUITE remote web administration component (webprox.dll) and is caused by a buffer overflow that can be triggered by a long GET request. Impact per available data includes denial of service and potential arbitrary command execution, with partial impact...