← back
CVE-2002-1484

CVE-2002-1484

EPSS 13.7%
DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21801unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-09/0201.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2002-q3/0125.htmlhttp://www.iss.net/security_center/static/10136.phphttp://www.securityfocus.com/bid/5725