4 results (0.003 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. • http://www.atstake.com/research/advisories/2001/a041601-1.txt http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert4.16.html http://www.kb.cert.org/vuls/id/276767 http://www.osvdb.org/5704 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data. • http://archives.neohapsis.com/archives/hp/2001-q2/0059.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6697 •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

Vulnerability in iPlanet Web Server Enterprise Edition 4.x. • http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert4.16.html •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. • http://www.securityfocus.com/archive/1/141435 https://exchange.xforce.ibmcloud.com/vulnerabilities/5446 •