CVE-2002-1063

Name of the Vulnerable Software and Affected Versions: Thomas Hauck Jana Server versions 1.4.6 and earlier Thomas Hauck Jana Server versions 2.x through 2.2.1

Description: The issue allows remote attackers to cause a denial of service, specifically resource exhaustion, by sending a large number of FTP PASV requests. This action consumes all available FTP ports, leading to the denial of service.

Recommendations: For versions 1.4.6 and earlier, update to a version later than 1.4.6 to resolve the issue. For versions 2.x through 2.2.1, update to a version later than 2.2.1 to resolve the issue. As a temporary workaround, consider restricting the number of FTP PASV requests to minimize the risk of exploitation.