CVE-2002-1065

Name of the Vulnerable Software and Affected Versions: Thomas Hauck Jana Server versions 1.4.6 and earlier Thomas Hauck Jana Server versions 2.x through 2.2.1

Description: The issue allows remote attackers to gain privileges via brute force username and password guessing, as it does not restrict the number of unsuccessful login attempts.

Recommendations: For versions 1.4.6 and earlier, restrict access to the login functionality to minimize the risk of exploitation. For versions 2.x through 2.2.1, consider implementing a rate-limiting mechanism for login attempts until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.