Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0758 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2022-08-17 | 5.0 MEDIUM | N/A |
| Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. | |||||
| CVE-1999-0752 | 1 Netscape | 1 Enterprise Server | 2022-08-17 | 5.0 MEDIUM | N/A |
| Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. | |||||
| CVE-1999-0045 | 2 Apache, Netscape | 4 Http Server, Commerce Server, Communications Server and 1 more | 2022-08-17 | 7.5 HIGH | N/A |
| List of arbitrary files on Web host via nph-test-cgi script. | |||||
| CVE-1999-0012 | 2 Microsoft, Netscape | 5 Frontpage, Internet Information Server, Personal Web Server and 2 more | 2022-08-17 | 5.0 MEDIUM | N/A |
| Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | |||||
| CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2022-08-17 | 5.0 MEDIUM | N/A |
| Netscape Enterprise servers may list files through the PageServices query. | |||||
| CVE-1999-0007 | 5 C2net, Hp, Microsoft and 2 more | 13 Stonghold Web Server, Open Market Secure Webserver, Exchange Server and 10 more | 2020-04-02 | 5.0 MEDIUM | N/A |
| Information from SSL-encrypted sessions via PKCS #1. | |||||
| CVE-2018-18940 | 1 Netscape | 1 Enterprise Server | 2019-02-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. NOTE: this product is discontinued. | |||||
| CVE-1999-0751 | 1 Netscape | 1 Enterprise Server | 2018-05-02 | 5.0 MEDIUM | N/A |
| Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. | |||||
| CVE-2001-0251 | 1 Netscape | 1 Enterprise Server | 2017-12-18 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | |||||
| CVE-2001-0250 | 1 Netscape | 1 Enterprise Server | 2017-12-18 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command. | |||||
| CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2017-10-09 | 7.5 HIGH | N/A |
| Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | |||||
| CVE-2004-0826 | 4 Hp, Mozilla, Netscape and 1 more | 10 Hp-ux, Network Security Services, Certificate Server and 7 more | 2017-07-10 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | |||||
| CVE-2002-1655 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. | |||||
| CVE-2002-1654 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2017-07-10 | 7.5 HIGH | N/A |
| iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. | |||||
| CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
| CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2016-10-17 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | |||||
| CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 6.4 MEDIUM | N/A |
| Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
| CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
| CVE-1999-0853 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2008-09-09 | 10.0 HIGH | N/A |
| Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. | |||||
| CVE-1999-0686 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. | |||||