Netscape: >> Enterprise Server >> 3.1 Security Vulnerabilities
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS Score
7.5
EPSS Score
0.03
Published
2004-12-31
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
CVSS Score
7.5
EPSS Score
0.018
Published
2002-12-31
The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request.
CVSS Score
5.0
EPSS Score
0.013
Published
2002-12-31
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVSS Score
7.5
EPSS Score
0.046
Published
2000-01-04
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.
CVSS Score
5.0
EPSS Score
0.038
Published
1999-07-30
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
CVSS Score
5.0
EPSS Score
0.037
Published
1999-07-06
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
CVSS Score
5.0
EPSS Score
0.007
Published
1999-05-07
Netscape Enterprise servers may list files through the PageServices query.
CVSS Score
5.0
EPSS Score
0.034
Published
1998-08-01