Lucene search
K
SunOne Web Server

12 matches found

CVE
CVE
added 2004/09/02 4:0 a.m.161 views

CVE-2004-0826

CVE-2004-0826 affects the Netscape Network Security Services (NSS) library’s SSLv2 record parsing. The issue is a heap-based buffer overflow triggered by a modified record length field in an SSLv2 client hello, allowing a remote attacker to execute arbitrary code. Multiple advisories and OpenVAS ...

7.5CVSS7.7AI score0.22525EPSS
CVE
CVE
added 2009/06/01 10:0 p.m.110 views

CVE-2004-2763

The Red Hat and SUSE entries for CVE-2010-0386 describe the same class of issue as CVE-2004-2763: default installations of Sun Java System Application Server 7 enable the HTTP TRACE method, enabling cross-site tracing that can expose cookies and credentials. This is a related but distinct advisor...

5.8CVSS5.9AI score0.02178EPSS
CVE
CVE
added 2009/06/05 3:25 p.m.75 views

CVE-2009-1934

Sun Java System Web Server 6.1 (Reverse Proxy Plug-in) is vulnerable to an XSS issue (CVE-2009-1934) in scenarios that trigger a 502 Gateway error. The vulnerability affects the Reverse Proxy Plug-in before SP11, allowing remote attackers to inject arbitrary script via the query string. The avail...

4.3CVSS5.5AI score0.02235EPSS
CVE
CVE
added 2006/05/20 2:59 a.m.73 views

CVE-2006-2501

CVE-2006-2501 describes a cross-site scripting (XSS) vulnerability in multiple Sun web/server products (Sun ONE Web Server 6.0 SP9 and earlier; Sun Java System Web Server 6.1 SP4 and earlier; Sun ONE Application Server 7 Update 6 and earlier; Java System Application Server 7 2004Q2 Update 2 and e...

6.8CVSS5.9AI score0.03398EPSS
CVE
CVE
added 2010/02/05 10:13 p.m.70 views

CVE-2003-1579

CVE-2003-1579 affects Sun ONE (iPlanet) Web Server 6 on Windows. When DNS resolution is enabled for client IPs, the logging format does not clearly indicate if a dotted quad is unresolved, enabling remote attackers to spoof IPs via crafted DNS responses containing numerical top-level domains (ILL...

4.3CVSS6.9AI score0.00898EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.69 views

CVE-2002-1042

CVE-2002-1042 describes a directory traversal flaw in iPlanet Web Server 6.0 SP2, 4.1 SP9, and Netscape Enterprise Server 3.6 on Windows, allowing remote attackers to read arbitrary files via ..\ in the NS-query-pat parameter. Connected sources confirm the affected products and the vulnerable par...

5CVSS6.8AI score0.03854EPSS
CVE
CVE
added 2005/06/30 4:0 a.m.69 views

CVE-2005-2094

Sun SunONE web server 6.1 SP1 is affected by CVE-2005-2094. The vulnerability arises in HTTP request processing when a request contains both Transfer-Encoding: chunked and Content-Length headers, leading SunONE to mishandle and forward the request body as if it were a separate HTTP request. This ...

4.3CVSS6.4AI score0.0142EPSS
CVE
CVE
added 2010/02/05 10:13 p.m.54 views

CVE-2003-1577

CVE-2003-1577 affects Sun ONE/iPlanet Web Server 4.1–SP12 and 6.0–SP5 when DNS resolution is enabled for client IPs. A crafted DNS response can be combined with an HTTP request to inject arbitrary text into server logs and trigger cross-site scripting (XSS) in the iPlanet Log Analyzer, via an Inv...

2.6CVSS6AI score0.01077EPSS
CVE
CVE
added 2010/02/25 7:0 p.m.54 views

CVE-2003-1589

CVE-2003-1589 affects Sun ONE (iPlanet) Web Server on Windows, specifically versions 4.1 before SP13 and 6.0 before SP6. The vulnerability is described as unspecified and leads to a denial of service (daemon crash) via unknown vectors. The available references reiterate the DoS impact but do not ...

5CVSS6.7AI score0.01216EPSS
CVE
CVE
added 2010/02/25 7:0 p.m.50 views

CVE-2003-1590

CVE-2003-1590 concerns Sun ONE (iPlanet) Web Server 6.0 SP3–SP5 on Windows, described as an unspecified vulnerability that allows remote attackers to trigger a denial of service (daemon crash) via unknown vectors. The available records do not specify the exact root cause, impacted subcomponents, ...

5CVSS6.8AI score0.01631EPSS
CVE
CVE
added 2010/02/05 10:13 p.m.47 views

CVE-2003-1578

The CVE-2003-1578 entry concerns Sun ONE (iPlanet) Web Server 4.1–SP12 and 6.0–SP5 when DNS resolution is enabled for client IPs. The underlying issue, described as an Inverse Lookup Log Corruption (ILLC) vulnerability, allows remote attackers to hide HTTP requests from the log-preview functional...

4.3CVSS7AI score0.01113EPSS
CVE
CVE
added 2005/03/12 5:0 a.m.44 views

CVE-2003-1126

CVE-2003-1126 affects Sun One/iPlanet Web Server running on Windows platforms with SP3–SP5. The vulnerability permits remote denial of service, as described in multiple sources. The connected documents provide the same general impact and do not specify affected product versions beyond SP3–SP5 or ...

5CVSS7AI score0.01986EPSS