Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_server
(Netscape)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 24 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2000-03-17 | CVE-2000-0236 | Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | Enterprise_server | N/A | ||
| 1996-12-10 | CVE-1999-0045 | List of arbitrary files on Web host via nph-test-cgi script. | Http_server, Commerce_server, Communications_server, Enterprise_server | N/A | ||
| 1998-02-06 | CVE-1999-0012 | Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | Frontpage, Internet_information_server, Personal_web_server, Enterprise_server, Fasttrack_server | N/A | ||
| 1998-08-01 | CVE-1999-0269 | Netscape Enterprise servers may list files through the PageServices query. | Enterprise_server | N/A | ||
| 1999-07-06 | CVE-1999-0752 | Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. | Enterprise_server | N/A | ||
| 2001-03-12 | CVE-1999-0758 | Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. | Enterprise_server, Fasttrack_server | N/A | ||
| 1998-06-26 | CVE-1999-0007 | Information from SSL-encrypted sessions via PKCS #1. | Stonghold_web_server, Open_market_secure_webserver, Exchange_server, Internet_information_server, Site_server, Certificate_server, Collabra_server, Directory_server, Enterprise_server, Fasttrack_server, Messaging_server, Proxy_server, Ssleay | N/A | ||
| 2019-01-31 | CVE-2018-18940 | servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. NOTE: this product is discontinued. | Enterprise_server | 6.1 | ||
| 2004-12-31 | CVE-2004-0826 | Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | Hp\-Ux, Network_security_services, Certificate_server, Directory_server, Enterprise_server, Personalization_engine, Java_enterprise_system, Java_system_application_server, One_application_server, One_web_server | N/A | ||
| 2002-12-31 | CVE-2002-1655 | The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. | Iplanet_web_server, Enterprise_server | N/A |