← Back to CVEs
CVE-2002-0300
N/ADescription
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file.
CVE Details
CVSS v3.1 ScoreN/A
Published5/31/2002
Last Modified4/16/2026
Sourcenvd
Honeypot Sightings0
Affected Products
gnujsp:gnujsp
References
http://marc.info/?l=bugtraq&m=101415804625292&w=2(cve@mitre.org)
http://marc.info/?l=bugtraq&m=101422432123898&w=2(cve@mitre.org)
http://www.debian.org/security/2002/dsa-114(cve@mitre.org)
http://www.iss.net/security_center/static/8240.php(cve@mitre.org)
http://www.securityfocus.com/bid/4125(cve@mitre.org)
http://marc.info/?l=bugtraq&m=101415804625292&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=101422432123898&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2002/dsa-114(af854a3a-2127-422b-91ae-364da2661108)
http://www.iss.net/security_center/static/8240.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/4125(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.