Lucene search
HistoryJul 02, 2001 - 4:00 a.m.
CVE-2001-0327
cve-2001-0327
iplanet web server
data leak
memory leak
dos
http request
7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.014 Low
EPSS
Percentile
86.4%
iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| iplanet:iplanet_web_server | iplanet iplanet web server | le | 4.1_enterprise |
Related
securityvulns
securityvulns
@stake Security Advisory: iPlanet Web Server 4.x Response Header Overflow (A041601-1)
2001-04-20 00:00:00
iPlanet vulnerabilities on IRIX
2002-08-03 00:00:00
nessus
nessus
cert
cert
iPlanet web servers expose sensitive data via buffer overflow
2001-04-17 00:00:00
7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.014 Low
EPSS
Percentile
86.4%
Related for CVE-2001-0327