IPlanet Information for VU#276767

iPlanet web servers expose sensitive data via buffer overflow



Vendor Statement

iPlanet has acknowledged that this problem exists and that it affects the iPlanet Web Server (iWS) 4.x product line. iPlanet has addressed this vulnerability by issuing a fix made available in two formats: an upgrade, iWS 4.1 SP7 or an NSAPI module that will shield the server from the problem. These fixes, which eliminate the risk posed by this vulnerability, have been published to the iPlanet Web site, along with implementation instructions.