var-200902-0685
Vulnerability from variot
Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c. GoAhead WebServer is prone to an authentication-bypass vulnerability and multiple denial-of-service vulnerabilities. A remote attacker may exploit these issues to gain access to protected documents or to create a denial-of-service condition. Versions prior to GoAhead WebServer 2.1.6 are vulnerable. GoAhead WebServer is a WEB publishing service system software. It has to do with incorrect use of the socketInputBuffered function
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200902-0685",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webserver",
"scope": "eq",
"trust": 1.6,
"vendor": "goahead",
"version": "2.1.1"
},
{
"model": "webserver",
"scope": "eq",
"trust": 1.6,
"vendor": "goahead",
"version": "2.1"
},
{
"model": "webserver",
"scope": "eq",
"trust": 1.6,
"vendor": "goahead",
"version": "2.1.2"
},
{
"model": "webserver",
"scope": "eq",
"trust": 1.6,
"vendor": "goahead",
"version": "2.0"
},
{
"model": "webserver",
"scope": "lte",
"trust": 1.0,
"vendor": "goahead",
"version": "2.1.3"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.6,
"vendor": "goahead",
"version": "2.1"
},
{
"model": "webserver",
"scope": "eq",
"trust": 0.6,
"vendor": "goahead",
"version": "2.1.3"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "goahead",
"version": "2.1.5"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "goahead",
"version": "2.1.4"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "goahead",
"version": "2.1.3"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "goahead",
"version": "2.1.2"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "goahead",
"version": "2.1.1"
},
{
"model": "software goahead webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "goahead",
"version": "2.0"
},
{
"model": "software goahead webserver",
"scope": "ne",
"trust": 0.3,
"vendor": "goahead",
"version": "2.1.6"
}
],
"sources": [
{
"db": "BID",
"id": "33838"
},
{
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:goahead:goahead_webserver:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:goahead:goahead_webserver:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:goahead:goahead_webserver:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:goahead:goahead_webserver:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:goahead:goahead_webserver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2431"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Richard Cullen, Luigi Auriemma, and the vendor.",
"sources": [
{
"db": "BID",
"id": "33838"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
],
"trust": 0.9
},
"cve": "CVE-2002-2431",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6814",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2431",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200902-116",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6814",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6814"
},
{
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause \"incorrect behavior\" via unknown \"malicious code,\" related to incorrect use of the socketInputBuffered function by sockGen.c. GoAhead WebServer is prone to an authentication-bypass vulnerability and multiple denial-of-service vulnerabilities. \nA remote attacker may exploit these issues to gain access to protected documents or to create a denial-of-service condition. \nVersions prior to GoAhead WebServer 2.1.6 are vulnerable. GoAhead WebServer is a WEB publishing service system software. It has to do with incorrect use of the socketInputBuffered function",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"db": "BID",
"id": "33838"
},
{
"db": "VULHUB",
"id": "VHN-6814"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-2431",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116",
"trust": 0.7
},
{
"db": "BID",
"id": "33838",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-6814",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6814"
},
{
"db": "BID",
"id": "33838"
},
{
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"id": "VAR-200902-0685",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6814"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:31:47.669000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2431"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://data.goahead.com/software/webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-sockgen-c"
},
{
"trust": 0.3,
"url": "http://data.goahead.com/software/webserver/2.1.6/release.htm"
},
{
"trust": 0.3,
"url": "http://www.goahead.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6814"
},
{
"db": "BID",
"id": "33838"
},
{
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6814"
},
{
"db": "BID",
"id": "33838"
},
{
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-06T00:00:00",
"db": "VULHUB",
"id": "VHN-6814"
},
{
"date": "2002-10-17T00:00:00",
"db": "BID",
"id": "33838"
},
{
"date": "2009-02-06T19:30:00.377000",
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"date": "2009-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-6814"
},
{
"date": "2009-02-19T22:10:00",
"db": "BID",
"id": "33838"
},
{
"date": "2009-02-09T05:00:00",
"db": "NVD",
"id": "CVE-2002-2431"
},
{
"date": "2009-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GoAhead WebServer \u0027socketInputBuffered function \u0027 Unknown vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-116"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.