漏洞信息详情

Netscape Enterprise & FastTrack认证缓冲区溢出漏洞

• CNNVD编号：CNNVD-199912-008
• 危害等级： 超危
  
• CVE编号： CVE-1999-0853
• 漏洞类型： 缓冲区溢出
• 发布时间： 1999-12-01
• 威胁类型： 远程
• 更新时间： 2006-09-05
• 厂        商： netscape
• 漏洞来源： This vulnerability...

漏洞简介

Netscape Enterprise服务器和Netscape FastTrack服务器存在缓冲区溢出漏洞。远程攻击者可以借助HTTP基本认证程序获得权限。

漏洞公告

As taken from the ISS Advisory which is listed in full in the 'Credit' secion of this advisory. Affected users should upgrade their systems immediately. This vulnerability affects systems running Administration Server with password protected areas that rely on Basic Authentication. If you run any of the affected servers on any platform, upgrade to iPlanet Web Server 4.0sp2 at: http://www.iplanet.com/downloads/testdrive/detail_161_243.HTML. Netscape has stated that FastTrack will not be patched. Although Netscape released service pack 3 for Enterprise Server 3.6 that fixes the vulnerability in the web server, the Administration Server remains vulnerable.

参考网址

来源: BID 名称: 847 链接:http://www.securityfocus.com/bid/847

受影响实体

• Netscape Enterprise_server:3.5.1  
• Netscape Enterprise_server:3.6  
• Netscape Enterprise_server:3.6:Sp2  
• Netscape Fasttrack_server:3.01  

补丁

暂无