ID CVE-2001-0252
Summary iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences.
References
Vulnerable Configurations
  • cpe:2.3:a:iplanet:iplanet_enterprise_server:4.1sp5
    cpe:2.3:a:iplanet:iplanet_enterprise_server:4.1sp5
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family Web Servers
NASL id NETSCAPE_ENTREPRISE_DOT_OVERFLOW.NASL
description The remote web server seems to crash when it is issued a too long request with dots (ie: ../../../../ 1000 times). An attacker may use this flaw to disable the remote server.
last seen 2019-01-16
modified 2018-11-15
plugin id 10689
published 2001-06-15
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10689
title Netscape Enterprise Server Long Traversal Request Remote DoS
refmap via4
bid 2282
bugtraq
  • 20010122 def-2001-04: Netscape Enterprise Server Dot-DoS
  • 20010124 iPlanet FastTrack/Enterprise 4.1 DoS clarifications
xf netscape-enterprise-dot-dos(5983)
Last major update 17-10-2016 - 22:10
Published 02-06-2001 - 00:00
Last modified 09-10-2017 - 21:29
Back to Top