PT-2001-1634 · Oracle · Oracle Application Server+1
Published: 2001-05-24 · Updated: 2016-10-18 · CVE-2001-0419
CVSS v2.0: 7.5 (High)
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
iPlanet Web Server version 4.1
Description
A buffer overflow exists in the shared library ndwfn4.so for iPlanet Web Server when it is used as a web listener for Oracle Application Server 4.0.8.2. It allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as a request to the "/jsp/" path.
Recommendations
For iPlanet Web Server version 4.1, consider restricting access to the shared library ndwfn4.so as a temporary workaround until a patch is available. Avoid using long HTTP requests to the application server until the issue is resolved.
Exploit
Fix
Related identifiers
Affected products
Oracle Application Server
iPlanet Web Server