Netscape: >> Enterprise Server >> 2.0 Security Vulnerabilities
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS Score
7.5
EPSS Score
0.03
Published
2004-12-31
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
CVSS Score
7.5
EPSS Score
0.018
Published
2002-12-31
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
CVSS Score
10.0
EPSS Score
0.003
Published
2001-03-12
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVSS Score
7.5
EPSS Score
0.046
Published
2000-01-04
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.
CVSS Score
5.0
EPSS Score
0.038
Published
1999-07-30
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
CVSS Score
5.0
EPSS Score
0.037
Published
1999-07-06
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
CVSS Score
5.0
EPSS Score
0.007
Published
1999-05-07
Netscape Enterprise servers may list files through the PageServices query.
CVSS Score
5.0
EPSS Score
0.034
Published
1998-08-01
Information from SSL-encrypted sessions via PKCS #1.
CVSS Score
5.0
EPSS Score
0.051
Published
1998-06-26