Netscape Enterprise Server — known CVE vulnerabilities
Every CVE whose affected-product data names Netscape Enterprise Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (24)
CVE-1999-0853 — CVSS 10.0 (critical): Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic…
CVE-2000-0308 — CVSS 10.0 (critical): Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3…
CVE-1999-0744 — CVSS 7.5 (high): Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVE-2000-0600 — CVSS 7.5 (high): Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a…
CVE-2004-0826 — CVSS 7.5 (high): Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a…
CVE-2002-1654 — CVSS 7.5 (high): iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic…
CVE-1999-0012 — CVSS 7.0 (high): Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVE-2000-0237 — CVSS 6.4 (medium): Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the…
CVE-2018-18940 — CVSS 6.1 (medium): servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the…
CVE-2001-0250 — CVSS 5.0 (medium): The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the…
CVE-2001-0251 — CVSS 5.0 (medium): The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.
CVE-2002-1042 — CVSS 5.0 (medium): Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when…
CVE-2002-1655 — CVSS 5.0 (medium): The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of…
CVE-1999-1130 — CVSS 5.0 (medium): Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to…
CVE-1999-0758 — CVSS 5.0 (medium): Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the…
CVE-1999-1005 — CVSS 5.0 (medium): Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the…
CVE-2000-0236 — CVSS 5.0 (medium): Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such…