Geeos Team » Gattaca Server 2003 : Security Vulnerabilities, CVEs, Published In 2004
Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter.
Max CVSS
4.3
EPSS Score
1.02%
Published
2004-12-31
Updated
2017-07-11
Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to perform a denial of service (application crash) via a large number of connections to TCP port (1) 25 (SMTP) or (2) 110 (POP).
Max CVSS
5.0
EPSS Score
2.15%
Published
2004-12-31
Updated
2017-07-11
Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial of service (CPU consumption) via directory specifiers in the LANGUAGE parameter to (1) index.tmpl and (2) web.tmpl, such as (a) slash "/", (b) backslash "\", (c) dot ".",, (d) dot dot "..", and (e) internal slash "lang//en".
Max CVSS
5.0
EPSS Score
5.18%
Published
2004-12-31
Updated
2017-07-11
Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message.
Max CVSS
5.0
EPSS Score
1.83%
Published
2004-12-31
Updated
2017-07-11
4 vulnerabilities found