GEN:SID 1:1191
Message WEB-MISC Netscape Enterprise Server directory view
Summary This event is generated when an attempt is made to exploit a vulnerability in some versions of Netscape Enterprise Server.
Impact Information leak which could provide an attacker with the data needed to launch further attacks or gain more detailed information about your web server.  Also, the html-rend command can be used to launch denial of service attacks.
Detailed Information A user can see a directory listing by appending a Web Publishing command to the end of a directory URL, for example: "http://www.sun.com/?wp-html-rend".

This exploit will work on Netscape Enterprise Server regardless of directory indexing settings.  

It will not work on iPlanet Web Server if directory indexing is set to "none" or "fancy" (the default).  Web Publishing need not be enabled for this exploit to work.

Additionally, on Windows NT and Windows 2000, a specially crafted URL can use this command to cause an access violation error and crash the web server.
Affected Systems Netscape Enterprise Server 3.0, 3.51 and 3.6
Attack Scenarios The gathering of information such as directory listings is valuable when planning to attack a web server. Also, this command may be used to carry out a denial of service (DoS) attack.
Ease of Attack Simple. No exploit software required however, an automated tool for scanning exists as does an exploit script.
Corrective Action Disable directory indexing.   For earlier versions of Netscape Enterprise Server, this may not fix the problem.  On iPlanet, you can also change the indexing type to "fancy".

To fix the potential DOS vulnerability, upgrade to at least iWS 4.1 SP8.
Additional References iPlanet Knowledge Base Article 4302:
http://knowledgebase.iplanet.com/ikb/kb/articles/4302.html

iPlanet Knowledge Base Article 7761: http://knowledgebase.iplanet.com/ikb/kb/articles/7761.html

Buqtraq:
http://www.securityfocus.com/bid/1063

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0236
Rule References bugtraq: 1063
cve: 2000-0236