VULHUB ™

It is possible to trigger an overflow in iPlanet by submitting a malformed 'Host:' header field in an HTTP request. It has been demonstrated that this may cause the server to return sensitive information from memory in the 'Location:' header field of the HTTP response. This may also be used to corrupt memory with attacker-supplied data which may result in execution of malicious code, though this possibility has not been confirmed. Denial of service may also be possible under some circumstances.

It is possible to trigger an overflow in iPlanet by submitting a malformed 'Host:' header field in an HTTP request. It has been demonstrated that this may cause the server to return sensitive information from memory in the 'Location:' header field of the HTTP response. This may also be used to corrupt memory with attacker-supplied data which may result in execution of malicious code, though this possibility has not been confirmed. Denial of service may also be possible under some circumstances.