Enterprise Server Netscape Enterprise Server

Do you want an email whenever new security vulnerabilities are reported in Netscape Enterprise Server?

By the Year

In 2024 there have been 0 vulnerabilities in Netscape Enterprise Server . Enterprise Server did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 6.10
2018 0 0.00

It may take a day or so for new Enterprise Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Netscape Enterprise Server Security Vulnerabilities

servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS

CVE-2018-18940 6.1 - Medium - January 31, 2019

servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. NOTE: this product is discontinued.

XSS

Netscape Enterprise 3.5.1 and FastTrack 3.01 servers

CVE-1999-0758 - March 12, 2001

Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.

Denial of service in Netscape Enterprise Server

CVE-1999-0752 - July 06, 1999

Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.

Netscape Enterprise servers may list files through the PageServices query.

CVE-1999-0269 - August 01, 1998

Netscape Enterprise servers may list files through the PageServices query.

Some web servers under Microsoft Windows

CVE-1999-0012 - February 06, 1998

Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.

List of arbitrary files on Web host

CVE-1999-0045 - December 10, 1996

List of arbitrary files on Web host via nph-test-cgi script.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Netscape Commerce Server or by Netscape? Click the Watch button to subscribe.

Netscape
Vendor

subscribe