Flaw in iPlanet Web server lets attackers run code

A security vulnerability in the search feature of Sun Microsystems' iPlanet Web server can allow attackers to execute code of their choice on remote iPlanet servers, according to a security advisory released Tuesday by Next Generation Security Software.

The flaw affects iPlanet Web server versions 4.1 and 6.0, NGSSoftware said. Sun has released patches to address the vulnerability on both versions of the software.

Users of iPlanet 4.1 can download the patch, which is a part of Service Pack 10,Users of iPlanet 6.0, which has been renamed Sun ONE Web server 6.0, can download Service Pack 3 to fix the issue.

Join the newsletter!

Error: Please check your email address.

More about iPlanetNext Generation Security Software

Show Comments