Vulnerabilities > CVE-2002-0387 - Unspecified vulnerability in SUN ONE Application Server 6.0/6.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sun
nessus
Summary
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Web Servers |
| NASL id | IPLANET_APP_SERVER_OVERFLOW.NASL |
| description | The remote Sun ONE Application Server (formerly known as iPlanet Application Server) is vulnerable to a buffer overflow when a user provides a long buffer after the application service prefix, as in GET /[AppServerPrefix]/[long buffer] An attacker may use this flaw to execute arbitrary code on this host or disable it remotely. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11403 |
| published | 2003-03-16 |
| reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/11403 |
| title | iPlanet Application Server Prefix Remote Overflow |
References
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/52022
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/52022
- http://www.atstake.com/research/advisories/2003/a031303-1.txt
- http://www.atstake.com/research/advisories/2003/a031303-1.txt
- http://www.ciac.org/ciac/bulletins/n-064.shtml
- http://www.ciac.org/ciac/bulletins/n-064.shtml
- http://www.securityfocus.com/bid/7082
- http://www.securityfocus.com/bid/7082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11529
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11529