CVE-2001-0746

Description

Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.

Affected products

• iplanet / iplanet_web_server4.1_sp3 – 4.1_sp3
• iplanet / iplanet_web_server4.1_sp4 – 4.1_sp4
• iplanet / iplanet_web_server4.1_sp5 – 4.1_sp5
• iplanet / iplanet_web_server4.1_sp6 – 4.1_sp6
• iplanet / iplanet_web_server4.1_sp7 – 4.1_sp7

References

• MISChttp://archives.neohapsis.com/archives/bugtraq/2001-05/0132.html
• MISChttp://www.securityfocus.com/bid/2732
• MISChttp://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/6554