Family: Gain a shell remotely --> Category: infos
iPlanet Application Server Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary
Acertains if Sun ONE AS SP1 is applied
Detailed Explanation for this Vulnerability Test
The remote Sun ONE Application Server (formerly known as iPlanet Application
Server) is vulnerable to a buffer overflow when a user
provides a long buffer after the application service prefix, as in
GET /[AppServerPrefix]/[long buffer]
A possible hacker may use this flaw to execute arbitrary code on this
host or disable it remotely.
Solution : If you are running Application Server 6.5, apply SP1. There is
no patch for 6.0 users
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.