National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:netscape:enterprise_server:2.0
There are 5 matching records.
Vuln ID Summary CVSS Severity

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 7.5 HIGH

iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 7.5 HIGH

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH

Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.

Published: July 30, 1999; 12:00:00 AM -04:00
V2: 5.0 MEDIUM

Information from SSL-encrypted sessions via PKCS #1.

Published: June 26, 1998; 12:00:00 AM -04:00
V2: 5.0 MEDIUM