CVE-2001-0746

Name of the Vulnerable Software and Affected Versions: iPlanet Web Server Enterprise Edition versions 4.1 and earlier

Description: A buffer overflow issue in the Web Publisher component allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with methods such as GETPROPERTIES or GETATTRIBUTENAMES.

Recommendations: For iPlanet Web Server Enterprise Edition versions 4.1 and earlier, consider restricting access to the Web Publisher component until a fix is available. As a temporary workaround, limit the length of URIs that can be processed by the server to prevent exploitation.