Re: iPlanet Web Server 4.x Product Alert

From: Perrier,Kent - PLANO (Kent.Perrierat_private)
Date: Wed Apr 18 2001 - 06:58:39 PDT

Next message: tslat_private: "TSLSA-#2001-0005 - samba"

Previous message: Bill Sommerfeld: "Re: OpenBSD 2.8 ftpd/glob exploit (breaks chroot)"
In reply to: Glen Shere: "Re: iPlanet Web Server 4.x Product Alert"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Glen Shere wrote:

> Santi Claus wrote:
>
>
>> iPlanet has identified a security vulnerability in the iPlanet
>> Web Server Enterprise Edition 4.x products. This problem does
>> not affect any releases of the product prior to the 4.x versions;
>> however it does affect all iPlanet applications operating on the
>> iPlanet Web Server platform. A patch and implementation
>> instructions to address it are now available.
>
>
> The iPlanet mail server ("Netscape Messaging Server") appears to use a
> modified version of the iPlanet web server for its "HTTP service" (web
> mail feature).
>
> Could someone state authoritatively whether this vulnerability applies to
> the iPlanet mail server's "HTTP service"?

While I cannot authoritatively state that this vulnerability exists
in the webmail server, I can say that the httpd service is NOT
provided by iWS.  iPlanet Messenger ships with its own web server
that is not iWS.


--
Kent

Next message: tslat_private: "TSLSA-#2001-0005 - samba"
Previous message: Bill Sommerfeld: "Re: OpenBSD 2.8 ftpd/glob exploit (breaks chroot)"
In reply to: Glen Shere: "Re: iPlanet Web Server 4.x Product Alert"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Apr 18 2001 - 12:44:01 PDT