Flaw in iPlanet Web server lets attackers run code

A security vulnerability in the search feature of Sun Microsystems' iPlanet Web server can allow attackers to execute code of their choice on remote iPlanet servers, according to a security advisory released Tuesday by Next Generation Security Software.

The flaw affects iPlanet Web server versions 4.1 and 6.0, NGSSoftware said. Sun has released patches to address the vulnerability on both versions of the software.

Users of iPlanet 4.1 can download the patch, which is a part of Service Pack 10,Users of iPlanet 6.0, which has been renamed Sun ONE Web server 6.0, can download Service Pack 3 to fix the issue.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about iPlanetNext Generation Security Software

Show Comments