what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

iplanet.search.txt

iplanet.search.txt
Posted Jul 10, 2002
Authored by David Litchfield | Site ngssoftware.com

The Sun iPlanet Web Server iWS 4.1 and 6.0 contains a remotely exploitable buffer overflow if the search feature is enabled.

tags | web, overflow
SHA-256 | 569fc6dbae95b454b1cb7139d2f9325513c3521f10923c0642d0afb59f288e67

iplanet.search.txt

Change Mirror Download
NGSSoftware Insight Security Research Advisory

Name: iPlanet Search Buffer Overflow
Systems: iWS 6.0 and iWS 4.1
Severity: High Risk (if Search enabled)
Category: Remote Buffer Overrun Vulnerability
Vendor URL: https://www.iplanet.com/
Author: David Litchfield (david@ngssoftware.com)
Advisory URL: https://www.ngssoftware.com/advisories/sun-iws.txt
Date: 9th July 2002
Advisory number: #NISR09072002A
VNA reference : https://www.nextgenss.com/vna/sun-iws.txt

Description
***********
iPlanet's Web Server, now owned and maintained by Sun Microsystems, has a
remotely exploitable buffer overrun vulnerability in the search component.


Details
*******
By default, the search capabilities of iPlanet's Web Server are turned off,
but if search has been enabled then the server is vulnerable to a remotely
exploitable buffer overrun. By supplying an overly long value for the
'NS-rel-doc-name' parameter a saved return address is overwritten on the
stack, giving control over the vulnerable process' execution. Any code
supplied will run in the security context of the account running the web
server. On Windows NT/2000, for example, this account is the local SYSTEM
account, by default, so any code will run uninhibited.


Fix Information
***************
NGSSoftware alerted Sun to this problem on the 25th of April 2002 and were
informed that Sun wanted to address this in the next service pack, despite
NGSSoftware's recommedation that a hotfix should be released as this is a
remotely exploitable issue. This aside the service pack has been released.

Users of iPlanet Web Server 6 should install Service Pack 3.
Users of iPlanet Web Server 4.1 should install Service Pack 10.

A check for this vulnerability has been added to Typhon II, NGSSoftware's
vulnerability assessment scanner, of which, more information is available
from the NGSSite, https://www.ngssoftware.com/ .







Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close