{"vuid":"VU#612843","idnumber":"612843","name":"Sun iPlanet and ONE Web Servers contain a buffer overflow in the search engine","keywords":["Sun","iPlanet Web Server 6","buffer overflow"],"overview":"The Sun iPlanet Web Server and Sun ONE Web Server both ship with a search engine that is not enabled by default. A remotely exploitable buffer overflow exists in the search engine that could permit an attacker to execute arbitrary code on the system.","clean_desc":"The Sun iPlanet Web Server Enterprise Edition 4.1 and Sun ONE Web Server 6.0 ship with a search engine that contains a buffer overflow. The search engine is not enabled by default, but is a likely configuration option that would be enabled by the site administrator. If the search engine is enabled, then a remote attacker may be able to exploit the buffer overflow to execute arbitrary code on the system.","impact":"If the search engine is enabled, then a remote attacker may be able to exploit the buffer overflow to execute arbitrary code on the system.","resolution":"Sun Microsystems has released the following service packs to address this issue: Sun iPlanet Web Server Enterprise Edition 4.1 (Service Pack 10): http://wwws.sun.com/software/download/download/5261.html Sun ONE Web Server 6.0 (Service Pack 3): http://wwws.sun.com/software/download/download/5262.html","workarounds":"Disable the search engine.","sysaffected":"","thanks":"The CERT/CC thanks NGSSoftware for reporting this vulnerability.","author":"This document was written by Jason A Rafail.","public":["http://www.nextgenss.com/vna/sun-iws.txt","http://online.securityfocus.com/bid/4851"],"cveids":["CVE-2002-0686"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-05-29T15:28:49Z","publicdate":"2002-05-27T00:00:00Z","datefirstpublished":"2002-07-23T21:25:49Z","dateupdated":"2003-04-11T22:33:43Z","revision":16,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"16","cam_exploitation":"10","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"20","cam_easeofexploitation":"19","cam_attackeraccessrequired":"15","cam_scorecurrent":"57.7125","cam_scorecurrentwidelyknown":"64.125","cam_scorecurrentwidelyknownexploited":"80.15625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":57.7125,"vulnote":null}