CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2003-1589
https://notcve.org/view.php?id=CVE-2003-1589
25 Feb 2010 — Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 before SP13 and 6.0 before SP6 on Windows allows attackers to cause a denial of service (daemon crash) via unknown vectors. Vulnerabilidad sin especificar en Sun ONE (aka iPlanet) Web Server v4.1 anteriores a SP13 y v6.0 anteriores SP6 sobre Windows permite a atacantes producir una denegación de servicio (caída de demonio) a través de vectores desconocidos. • http://sunsolve.sun.com/search/document.do?assetkey=1-66-201454-1 •
CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 1CVE-2003-1577
https://notcve.org/view.php?id=CVE-2003-1577
05 Feb 2010 — Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files, and conduct cross-site scripting (XSS) attacks involving the iPlanet Log Analyzer, via an HTTP request in conjunction with a crafted DNS response, related to an "Inverse Lookup Log Corruption (ILLC)" issue, a different vulnerability than CVE-2002-1315 and CVE-2002-1316. Sun ONE (tambien conocido como iPlanet) Web Serve... • http://sunsolve.sun.com/search/document.do?assetkey=1-66-201453-1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1CVE-2003-1578
https://notcve.org/view.php?id=CVE-2003-1578
05 Feb 2010 — Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning with a "format=" substring, related to an "Inverse Lookup Log Corruption (ILLC)" issue. Sun ONE (conocido también como iPlanet) Web Server v4.1 hasta SP12 y v6.0 hasta SP5, cuando la resolución DNS está activada p... • http://sunsolve.sun.com/search/document.do?assetkey=1-66-201453-1 •
CVSS: 6.1EPSS: 0%CPEs: 47EXPL: 1CVE-2004-2763
https://notcve.org/view.php?id=CVE-2004-2763
01 Jun 2009 — The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting. La configuración por defecto de Sun ONE/iPlanet Web Server v4.1 SP! al SP2 y v6.0 SP1 al SP5 responde a las peticiones HTTP TRACE, lo que puede permitir a atacantes remotos el robo de información usando ataques de seguimi... • http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html • CWE-16: Configuration •
CVSS: 6.8EPSS: 6%CPEs: 20EXPL: 0CVE-2006-2501
https://notcve.org/view.php?id=CVE-2006-2501
20 May 2006 — Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages. • http://jvn.jp/jp/JVN%2303D5EAA8/index.html •
CVSS: 9.8EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0826
https://notcve.org/view.php?id=CVE-2004-0826
02 Sep 2004 — Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 •
CVSS: 7.5EPSS: 7%CPEs: 26EXPL: 2CVE-2002-1042 – iPlanet Web Server 4.1 - Search Component File Disclosure
https://notcve.org/view.php?id=CVE-2002-1042
31 Aug 2002 — Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. • https://www.exploit-db.com/exploits/21603 •