iPlanet Chunked Encoding Processing Remote Overflow
High Nessus Plugin ID 11068
SynopsisThe remote applicaiton server is affected by a buffer overflow vulnerability.
DescriptionThis host is running the Sun One/iPlanet web server 4.1 or 6.0. This web server contains an unchecked buffer in the 'Chunked Encoding' processing routines. By issuing a malformed request to the web server, a potential intruder can 'POST' extraneous data and cause the web server process to execute arbitrary code. This allows the potential intruder to gain access to this host.
SolutionThe vendor has released Sun ONE web server 4.1 service pack 11 and 6.0 service pack 4 to fix this issue.