CVE-2001-0746
published 2001-10-18CVE-2001-0746: Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly…
PriorityP343critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
15.20%
96.3th percentile
Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| iplanet | iplanet_web_server | — | — |
| iplanet | iplanet_web_server | — | — |
| iplanet | iplanet_web_server | — | — |
| iplanet | iplanet_web_server | — | — |
| iplanet | iplanet_web_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
iPlanet 4.1 Web Publisher - Remote Buffer Overflow (2)
exploitdb·2001-05-15
CVE-2001-0746 iPlanet 4.1 Web Publisher - Remote Buffer Overflow (2)
iPlanet 4.1 Web Publisher - Remote Buffer Overflow (2)
---
source: https://www.securityfocus.com/bid/2732/info
iPlanet Webserver is an http server product offered by the Sun-Netscape Alliance.
By sending a specially crafted request (composed of at least 2000 characters) it is possible to cause a buffer overflow. This could cause the termination of the affected service, requiring a restart and enabling a remote attacker to effect a denial of service attack.
If the submitted buffer is properly structured, it may yield a remote system shell.
Successful exploitation of this vulnerability could lead to a complete compromise of the host.
Note that while only installations of iWS4.1sp3-7 on Windows NT are immediately vulnerable to this attack, all users of iWS4.1sp3-7 are advised to instal
Exploit-DB
iPlanet 4.1 Web Publisher - Remote Buffer Overflow (1)
exploitdb·2001-05-15
CVE-2001-0746 iPlanet 4.1 Web Publisher - Remote Buffer Overflow (1)
iPlanet 4.1 Web Publisher - Remote Buffer Overflow (1)
---
source: https://www.securityfocus.com/bid/2732/info
iPlanet Webserver is an http server product offered by the Sun-Netscape Alliance.
By sending a specially crafted request (composed of at least 2000 characters) it is possible to cause a buffer overflow. This could cause the termination of the affected service, requiring a restart and enabling a remote attacker to effect a denial of service attack.
If the submitted buffer is properly structured, it may yield a remote system shell.
Successful exploitation of this vulnerability could lead to a complete compromise of the host.
Note that while only installations of iWS4.1sp3-7 on Windows NT are immediately vulnerable to this attack, all users of iWS4.1sp3-7 are advised to instal
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-05/0132.htmlhttp://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.htmlhttp://www.securityfocus.com/bid/2732https://exchange.xforce.ibmcloud.com/vulnerabilities/6554http://archives.neohapsis.com/archives/bugtraq/2001-05/0132.htmlhttp://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.htmlhttp://www.securityfocus.com/bid/2732https://exchange.xforce.ibmcloud.com/vulnerabilities/6554
2001-10-18
Published