Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

enterprise3.6.txt

๐Ÿ—“๏ธย 19 Sep 1999ย 00:00:00Reported byย Packet StormTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 23ย Views

Vulnerability in Netscape Enterprise Server 3.6 SP2 allows service crashes via malformed URL.

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Code
`From: Nobuo Miwa <[email protected]>   
Subject: Accept overflow on Netscape Enterprise Server 3.6 SP2   
  
Hi,  
  
I found a vulnerability in "Enterprise 3.6 SP 2 SSL Handshake fix"..  
I sent a malformed URL to the server and its service was dead.  
  
  
Its URL is following...  
  
  
GET / HTTP/1.0  
Accept: aaaaaaaaaaaaaa...2000byte/gif  
  
  
Ofcourse you must be able to execute small code you like with  
"long Accept" command(just like htr problem on IIS).  
  
  
I've reported this to Netscape on 31st Aug. They've just  
finished making the patch(maybe SP3). It must be released soon.  
I'm gonna post this to BUGTRAQ after they release the patch, but  
someone posted it to some other mailing lists. So I decided  
to post it to here today.  
  
  
Thanks,  
Nobuo Miwa(Moderator of BUGTRAQ-JP)  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
19 Sep 1999 00:00Current
vulnerability netscape enterprise server overflow patch
23
.json
Report