Searching iplanet software vulnerabilities

Netscape (iPlanet) Certificate Management Syste

Netscape |

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.


Buffer overflow in shared library ndwfn4.so for

ndwfn4so | overflow | iPlanet | library | Server | Buffer | shared | Web |

Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/.


Vulnerability in iPlanet Web Server 4.X in HP-U

Vulnerability | iPlanet | Server | HP-UX | Web |

Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.


iPlanet Calendar Server 5.0p2 and earlier allow

Netscape | attacker | Calendar | earlier | iPlanet | access | Server | allows | local | Admin | gain | 50p2 |

iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions.


Buffer overflow in Web Publisher in iPlanet Web

Enterprise | attackers | arbitrary | Publisher | possibly | overflow | execute | service | earlier | request | iPlanet | Edition | Buffer | denial | allows | Server | remote | cause | long | code | URI | Web | via |

Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.


Buffer overflow in iPlanet Web Server (iWS) Ent

overflow | iPlanet | Server | Buffer | Web |

Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a denial of sevice and possibly execute arbitrary code via a long method name in an HTTP request.


iPlanet Directory Server 4.1.4 and earlier (LDA

Directory | iPlanet | Server |

iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.


Buffer overflows in iPlanet Directory Server 4.

overflows | Directory | iPlanet | Server | Buffer |

Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.


Format string vulnerabilities in iPlanet Direct

vulnerabilities | Directory | iPlanet | Server | string | Format |

Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.


Vulnerability in iPlanet Web Server 4 included

Vulnerability | Virtualvault | Operating | included | iPlanet | System | Server | Web |

Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data.


Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS

Allaire | JRun |

Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.


Buffer overflow in the search component for iPl

component | overflow | iPlanet | Server | search | Buffer | Web |

Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter.


Directory traversal vulnerability in search eng

vulnerability | Enterprise | attackers | platforms | Directory | traversal | arbitrary | Netscape | running | Windows | iPlanet | remote | allows | search | engine | server | files | read | SP2 | via | SP9 | web |

Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.


Cross-site scripting (XSS) vulnerability in the

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).


importInfo in the Admin Server for iPlanet WebS

metacharacters | administrator | vulnerability | importInfo | arbitrary | attackers | parameter | WebServer | separate | commands | possibly | iPlanet | exploit | execute | allows | Server | remote | Admin | shell | issue | SP11 | XSS | web | via | dir |

importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands via shell metacharacters in the dir parameter, and possibly allows remote attackers to exploit this vulnerability via a separate XSS issue (CVE-2002-1315).


The Web Publishing feature in Netscape Enterpri

Publishing | Enterprise | attackers | Netscape | iPlanet | service | feature | Server | denial | allows | remote | cause | Web |

The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request.


Directory traversal vulnerability in ViewLog fo

Administration | vulnerability | Directory | traversal | iPlanet | ViewLog | Server |

Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.


Unknown vulnerability in SunOne/iPlanet Web Ser

SunOne/iPlanet | vulnerability | platforms | attackers | through | Windows | service | Unknown | remote | denial | allows | Server | cause | Web | SP3 | SP5 |

Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service.


Unknown vulnerability in Webmail in iPlanet Mes

vulnerability | Javascript | cross-site | attackers | arbitrary | scripting | Messaging | possibly | execute | Unknown | iPlanet | Webmail | Server | allows | remote | Patch | due | ONE | Sun |

Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripting (XSS) vulnerability.


Cross-site scripting (XSS) vulnerability in Web

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.


Software vulnerabilities results 1 to 20 of 25     
Page: 12