GEN:SID | 1:1050 |
Message | WEB-MISC iPlanet GETPROPERTIES attempt |
Summary | This event is generated when a request is made to a webserver using the the command 'GETPROPERTIES'. This may be an indication that a buffer overflow attack may be in process. |
Impact | If successful, this attack will allow attackers to run code of their choosing on the victim server. |
Detailed Information | The web publishing feature in iPlanet Web Server 4.1 is vulnerable to a buffer overflow. |
Affected Systems | iPlanet Web Server 4.1 up to Service Pack 8 |
Attack Scenarios | An attacker can spawn a remote shell on the server and execute any command they desire. |
Ease of Attack | Difficult. Exploit code does not appear to exist as of June 2003, so an attacker would need to write the code themselves. |
Corrective Action | Disable web publishing or upgrade your web server software. |
Additional References | NTBugtraq Archive: http://archives.neohapsis.com/archives/ntbugtraq/2001-q2/0035.html
|
Rule References | bugtraq: 2732
cve: 2001-0746
|