VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Apr 16, 2026

CVE-2002-1064

CVE-2002-1064

Description

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.

Affected products

7
  • T. Hauck/Jana Web Server7 versions
    cpe:2.3:a:t._hauck:jana_web_server:1.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:t._hauck:jana_web_server:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:t._hauck:jana_web_server:1.45:*:*:*:*:*:*:*
    • cpe:2.3:a:t._hauck:jana_web_server:1.46:*:*:*:*:*:*:*
    • cpe:2.3:a:t._hauck:jana_web_server:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:t._hauck:jana_web_server:2.0_beta1:*:*:*:*:*:*:*
    • cpe:2.3:a:t._hauck:jana_web_server:2.0_beta2:*:*:*:*:*:*:*
    • cpe:2.3:a:t._hauck:jana_web_server:2.2.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.