MidnightBSD

Advisories for orange_software

CVE-2001-0647 MEDIUM

Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
orange_software orange_web_server 2.1
CVE-2002-0680 MEDIUM

Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
goahead_software goahead_webserver 2.1.4
goahead_software goahead_webserver 2.1.5
montavista_software hard_hat_linux 1.0
goahead_software goahead_webserver 2.1.2
goahead_software goahead_webserver 2.1.1
orange_software orange_web_server 2.1
goahead_software goahead_webserver 2.1.3