CNET también está disponible en español.

Ir a español

Don't show this again


Flaw affects iPlanet Web server

A new vulnerability in the search function of Sun Microsystems' iPlanet Web server could leave users of the software open to attacks from the Internet, security firm Next-Generation Security Software said Tuesday in an advisory. By default, the search capabilities of the server aren't enabled, but if turned on the flaw could allow a specially crafted packet of data to execute an attacker's program with the permissions of the account under which the Web server runs.

The iPlanet server is the third most common Web server on the Internet, with 1.7 percent of all sites running on the software, according to's June 2002 Web survey. That falls far short of the open-source Web server Apache's 64 percent share and Microsoft's 25 percent share.