| VID |
22006 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The iPlanet Webserver has a buffer overflow vulnerability by long filename with a .shtml extension.
iPlanet Webserver is an http server product offered by the Sun-Netscape Alliance. iPlanet Web Server 4.x is vulnerable to a buffer overflow when logging requests for invalid server side parsed HTML files. A remote attacker could send a specially crafted request comprised of approximately 198 - 240 characters with .shtml (default) file extension, which would overflow an internal buffer allowing arbitrary code to be executed. This vulnerability is only known to be exploitable if the server side 'parsing' option is enabled.
* References:
http://www.securityfocus.com/bid/1848
http://www.iss.net/security_center/static/5446.php |
| Recommendation |
The latest iPlanet is available at:
http://www.oracle.com/technetwork/java/webtier/downloads/iplanet-webserver-525365.html
As a workaround:
Disable server side parsing of HTML page on vulnerable servers (Content Management -> 'Parsed HTML' option). This disables parsing of .shtml files, which may affect the functionality of your Web server but prevent this vulnerability from being exploited. |
| Related URL |
CVE-2000-1077 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
