• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

iPlanet Admin Server Insecure Open Call Vulnerability

iPlanet web server is prone to a command execution vulnerability due to insecure calls to the open() function. The vulnerability exists in the Admin Server's perl CGI scripts.

This vulnerability may be exploited to execute arbitrary commands on the vulnerable system with the privileges of the web server process.