Vulnerabilities > CVE-2002-0387 - Remote Buffer Overflow vulnerability in SUN ONE Application Server 6.0/6.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Web Servers |
| NASL id | IPLANET_APP_SERVER_OVERFLOW.NASL |
| description | The remote Sun ONE Application Server (formerly known as iPlanet Application Server) is vulnerable to a buffer overflow when a user provides a long buffer after the application service prefix, as in GET /[AppServerPrefix]/[long buffer] An attacker may use this flaw to execute arbitrary code on this host or disable it remotely. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11403 |
| published | 2003-03-16 |
| reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/11403 |
| title | iPlanet Application Server Prefix Remote Overflow |