iPlanet Webserver .shtml Buffer Overflow Vulnerability
iPlanet Webserver is an http server product offered by the Sun-Netscape Alliance.
By sending a specially crafted request comprised of approximately 198 - 240 characters with .shtml (default) file extension, it is possible to cause a buffer overflow and allow the execution of arbitrary code. This is due to the way iPlanet parses .shtml files.
This vulnerability is only known to be exploitable if the server side 'parsing' option is enabled.
Successful exploitation of this vulnerability could lead to a complete compromise of the host.