CVE-2002-1065 Information

Description

Thomas Hauck Jana Server 2.x through 2.2.1 and 1.4.6 and earlier does not restrict the number of unsuccessful login attempts which makes it easier for remote attackers to gain privileges via brute force username and password guessing.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html http://www.iss.net/security_center/static/9688.php