8/12/02
CAN 2002-0845
An attacker could cause a buffer overflow in the web server by sending
an improperly formed request using chunked transfer encoding. This will crash
the web server causing a denial of service and opens the possibility for
the attacker to execute malicious code as the web server process. This
vulnerability affects Sun ONE / iPlanet Web Server 4.1 and 6.0.
1/17/02
When web publishing is enabled, web publishing commands
can be passed to the server through a web browser by appending
the commands to the server's URL. One such command, wp-html-rend
causes the server to stop responding. Therefore, by sending a
request such as http://server/?wp-html-rend to
the server one or more times, an attacker could deny service to
legitimate users. This vulnerability affects iPlanet 4.0 and
4.1 through service pack 8 running on Windows platforms.
CVE 2000-1077
iPlanet Web Server can be configured to run with
server side parsing, allowing files on the server to be
dynamically included in a web page before being sent
to the client. Files ending in .shtml are
processed with server side parsing.
By sending a very long HTTP request
ending in the .shtml extension, it is
possible to cause a buffer overflow, which could be
used to create a denial of service or to execute
arbitrary code. This vulnerability affects iPlanet
4.0 and 4.1 web servers with server side parsing
enabled.
CVE 2001-0327
CAN 2001-0431
A buffer overflow
in the processing of HTTP headers in
iPlanet 4.0 and 4.1 web servers could result in a memory
leak.
By supplying a specially crafted Host: header
in an HTTP request, an attacker could
create a denial of service or read parts of the
server's memory space which should not be accessible.
In some cases, this memory space could contain pieces
of other users' sessions, including authentication
information which could be used to hijack those sessions.
CAN 2001-0746
CAN 2001-0747
By sending an invalid method or URI request, an attacker could
cause the web server to stop responding. This vulnerability affects
iPlanet web server version 4.1, service pack 3 through 7.
5/18/01
In addition to standard HTTP request
methods such as GET and POST,
Netscape recognizes several other request methods, such
as GETPROPERTIES and GETATTRIBUTENAMES.
These request methods are part of Netscape's Web Publisher
feature.
A buffer overflow condition in the processing of these
Web Publisher methods
could allow a remote attacker to execute arbitrary code.
Netscape Enterprise Server and iPlanet 4.1 (service pack 7) and earlier
are affected by this vulnerability.