CVE-2002-1655 — WEB Server vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.3%

top 20.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Iplanet WEB Server Netscape Enterprise Server

Timeline

PublishedDec 31

Latest updateApr 30

Description

The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDnetscape/enterprise_server7 versions+6

▶NVDiplanet/iplanet_web_serverenterprise_4.0, enterprise_4.1+1

Patches

Patch: cert.uni-stuttgart.de ↗Patch: www.kb.cert.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-jwfr-5jh5-4xg5: The Web Publishing feature in Netscape Enterprise Server 3↗2022-04-30

▶

CVEList

CVE-2002-1655: The Web Publishing feature in Netscape Enterprise Server 3↗2005-03-28

▶