Page 2 of 17 results (0.001 seconds)

CVSS: 6.8EPSS: 78%CPEs: 12EXPL: 4

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316). Vulnerabilidad de scripting en sitios cruzados (XSS) en el Servidor de Administración de iPlanet WebServer 4.x, hasta SP11, permite a usuarios remotos ejecutar scripts web o HTML como el adminstrador de iPlanet mediante la inyección del script deseado en los registros de errores, y posiblemente ganar más privilegios usando la vulnerabilidad XSS junto con otro problema (CAN-2002-1316) • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0078.html http://marc.info/?l=bugtraq&m=103772308030269&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-49475-1 http://www.iss.net/security_center/static/10692.php http://www.ngsec.com/docs/advisories/NGSEC-2002-4.txt http://www.securityfocus.com/bid/6202 •

CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 0

Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding. • http://marc.info/?l=bugtraq&m=102890933623192&w=2 http://www.iss.net/security_center/static/9799.php http://www.securityfocus.com/bid/5433 http://www.sun.com/service/support/software/iplanet/alerts/transferencodingalert-23july2002.html •

CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 0

Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter. Desbordamiento de búfer en la búsqueda de componentes para iPlanet Web Server (iWS) 4.1 y 6.0 permite a atacantes remotos la ejecución arbitraria de código mediante un argumento largo en el parámetro NS-rel-doc-name. • http://marc.info/?l=bugtraq&m=102622220416889&w=2 http://www.iss.net/security_center/static/9506.php http://www.kb.cert.org/vuls/id/612843 http://www.nextgenss.com/vna/sun-iws.txt http://www.securityfocus.com/bid/4851 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long method name in an HTTP request. • http://archives.neohapsis.com/archives/bugtraq/2001-05/0203.html http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html •

CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 3

Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods. • https://www.exploit-db.com/exploits/20852 https://www.exploit-db.com/exploits/20853 http://archives.neohapsis.com/archives/bugtraq/2001-05/0132.html http://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html http://www.securityfocus.com/bid/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/6554 •