Savant Webserver
by Savant
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2002-1120 | 0.09 | — | 0.69 | Sep 24, 2002 | Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||
| CVE-2005-0338 | 0.04 | — | 0.10 | May 2, 2005 | Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request. | ||
| CVE-2002-1828 | 0.03 | — | 0.04 | Dec 31, 2002 | Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value. | ||
| CVE-2002-2145 | 0.03 | — | 0.03 | Dec 31, 2002 | Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename. | ||
| CVE-2005-2859 | 0.00 | — | 0.00 | Sep 8, 2005 | Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges. | ||
| CVE-2002-2146 | 0.00 | — | 0.01 | Dec 31, 2002 | cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request. |
- CVE-2002-1120Sep 24, 2002risk 0.09cvss —epss 0.69
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
- CVE-2005-0338May 2, 2005risk 0.04cvss —epss 0.10
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
- CVE-2002-1828Dec 31, 2002risk 0.03cvss —epss 0.04
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.
- CVE-2002-2145Dec 31, 2002risk 0.03cvss —epss 0.03
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
- CVE-2005-2859Sep 8, 2005risk 0.00cvss —epss 0.00
Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges.
- CVE-2002-2146Dec 31, 2002risk 0.00cvss —epss 0.01
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request.