ID CVE-2002-0845
Summary Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
References
Vulnerable Configurations
  • cpe:2.3:a:iplanet:iplanet_web_server:4.1
    cpe:2.3:a:iplanet:iplanet_web_server:4.1
  • cpe:2.3:a:iplanet:iplanet_web_server:6.0
    cpe:2.3:a:iplanet:iplanet_web_server:6.0
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Web Servers
NASL id IPLANET_CHUNKED_ENCODING.NASL
description This host is running the Sun One/iPlanet web server 4.1 or 6.0. This web server contains an unchecked buffer in the 'Chunked Encoding' processing routines. By issuing a malformed request to the web server, a potential intruder can 'POST' extraneous data and cause the web server process to execute arbitrary code. This allows the potential intruder to gain access to this host.
last seen 2019-02-21
modified 2018-11-15
plugin id 11068
published 2002-08-09
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11068
title iPlanet Chunked Encoding Processing Remote Overflow
refmap via4
bid 5433
bugtraq 20020808 EEYE: Sun(TM) ONE / iPlanet Web Server 4.1 and 6.0 Remote Buffer Overflow
confirm http://www.sun.com/service/support/software/iplanet/alerts/transferencodingalert-23july2002.html
xf iplanet-chunked-encoding-bo(9799)
Last major update 17-10-2016 - 22:22
Published 12-08-2002 - 00:00
Back to Top