Lucene search

MitreCVE-2001-0746

HistoryOct 18, 2001 - 4:00 a.m.

CVE-2001-0746

2001-10-1804:00:00

mitre

web.nvd.nist.gov

cve-2001-0746

buffer overflow

iplanet web server

remote attacks

uri request

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.4

Confidence

High

EPSS

0.029

Percentile

90.8%

JSON

Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.

Affected configurations

Nvd

Node

iplanetiplanet_web_serverMatch4.1_sp3

iplanetiplanet_web_serverMatch4.1_sp4

iplanetiplanet_web_serverMatch4.1_sp5

iplanetiplanet_web_serverMatch4.1_sp6

iplanetiplanet_web_serverMatch4.1_sp7

VendorProductVersionCPE
iplanetiplanet_web_server4.1_sp3cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp4cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp5cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp6cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp7cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iplanet	iplanet_web_server	4.1_sp3	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:::::::*
iplanet	iplanet_web_server	4.1_sp4	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:::::::*
iplanet	iplanet_web_server	4.1_sp5	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:::::::*
iplanet	iplanet_web_server	4.1_sp6	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:::::::*
iplanet	iplanet_web_server	4.1_sp7	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-05/0132.html

iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html

www.securityfocus.com/bid/2732

exchange.xforce.ibmcloud.com/vulnerabilities/6554

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.4

Confidence

High

EPSS

0.029

Percentile

90.8%

JSON

Related for CVE-2001-0746