Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: ISS Security Advisory: Buffer Overflow in Netscape Enterprise
From: kjarvis () ISS NET (Keith R. Jarvis)
Date: Thu, 2 Dec 1999 13:45:25 -0500


Affected Versions:

This vulnerability affects all supported platforms of Enterprise and
FastTrack web servers. Enterprise 3.5.1 through 3.6sp2 and FastTrack 3.01
were found to be vulnerable. Earlier versions may be vulnerable but were not
tested by ISS X-Force.

Does anyone know if this problem is fixed in 3.6sp3?  The release notes for
sp3 include the following fixes:

         359884.   Buffer overflow on large requests causes Security problems.
         363755.   Buffer overflow in the HTTP Basic authentication.

That second one certainly sounds very similar, but does anyone know for sure?

From the Recommendations section of the advisory:

"Affected users should upgrade their systems immediately. This vulnerability
affects systems running  Administration Server with password protected areas
that rely on Basic Authentication. If you run any of the affected servers on
any platform, upgrade to iPlanet Web Server 4.0sp2 at:
http://www.iplanet.com/downloads/testdrive/detail_161_243.html. Netscape has
stated that FastTrack will not be patched. Although Netscape released
service pack 3 for Enterprise Server 3.6 that fixes the vulnerability in the
web server, the Administration Server remains vulnerable. If you are unable
to upgrade, ISS X-Force recommends that you block the Administration Server
port at the firewall to prevent outside attacks."

So the actual NES server was fixed in 3.6SP3 however the Admin server in that
version still suffers from the overflow.

- --krj

--
Keith R. Jarvis (kjarvis () iss net)             http://xforce.iss.net
Internet Security Systems, Inc.               +1-678-443-6149 (direct)
Adaptive Network Security for the Enterprise  +1-678-443-6479 (fax)



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault