Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0327

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-0327
Last Modified 05 Sep 2008 04:23:50
Published 02 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0327

Summary

iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server.

Vulnerable Systems

Application

  • Iplanet Web Server 4.1 Enterprise


References

CERT-VN - VU#276767

ATSTAKE - A041601-1

CONFIRM - http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert4.16.html

OSVDB - 5704


Last Updated: 27 May 2016 10:36:13