Netscape Enterprise Server Accept Header Remote Overflow

medium Nessus Plugin ID 10154

Synopsis

The remote service is prone to a buffer overflow.

Description

The remote web server seems to crash when it is issued a too long argument to the 'Accept:' command :

Example :

GET / HTTP/1.0 Accept: <thousands of chars>/gif

This may allow an attacker to execute arbitrary code on the remote system.

Solution

Upgrade to a version of Netscape Enterprise Server greater than 3.6.

Plugin Details

Severity: Medium

ID: 10154

File Name: netscape_accept_overflow.nasl

Version: 1.34

Type: remote

Family: Web Servers

Published: 9/12/1999

Updated: 7/16/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:netscape:enterprise_server

Required KB Items: www/iplanet, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 9/13/1999

Reference Information

CVE: CVE-1999-0751

BID: 631