Skip to main content

CVE-2002-1154

Severity Medium
Score 5/10

Summary

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service (disk consumption) by using the command to report updates more frequently and fill the web server error log.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published