Netscape: >> Directory Server Security Vulnerabilities
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS Score
7.5
EPSS Score
0.03
Published
2004-12-31
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.346
Published
2004-12-31
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVSS Score
7.5
EPSS Score
0.024
Published
2001-06-02
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
CVSS Score
5.0
EPSS Score
0.04
Published
2000-12-11
Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.
CVSS Score
10.0
EPSS Score
0.005
Published
2000-12-11
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-05-01
Information from SSL-encrypted sessions via PKCS #1.
CVSS Score
5.0
EPSS Score
0.051
Published
1998-06-26