Captain
08-22-2002, 01:38 PM
Hi,
That is big problem in server Windows everyone can get for that he can hacker all server, That exploit appear in server iPlanet when him search.
version It have
- iPlanet Web Server 6.0 SP2
- iPlanet Web Server 4.1 SP9
on system Windows NT and Windows 2000
Can you see That win you use command
NS-query-pat in HTML on server iPlanet.
After That you see
GET /search?NS-query-pat=..\\..\\..\\..\\..\\boot.ini
That is exploit in this server after that you can see contents boot.ini .
If you want cancel That problem Just Stop search as we fine other that.
Regards,
Captain
SynHost
08-22-2002, 04:37 PM
I can't even decipher your message..
Captain
08-22-2002, 05:42 PM
Sorry My English language not good :bawling:
I will write the message again
dbzgod
08-22-2002, 05:47 PM
Originally posted by Captain
Hi,
That is big problem in server Windows everyone can get for that he can hacker all server, That exploit appear in server iPlanet when him search.
version It have
- iPlanet Web Server 6.0 SP2
- iPlanet Web Server 4.1 SP9
on system Windows NT and Windows 2000
Can you see That win you use command
NS-query-pat in HTML on server iPlanet.
After That you see
GET /search?NS-query-pat=..\\..\\..\\..\\..\\boot.ini
That is exploit in this server after that you can see contents boot.ini .
If you want cancel That problem Just Stop search as we fine other that.
Regards,
Captain
I understand. What he is saying is:
That is big problem in server Windows everyone can get for that he can hacker all server, That exploit appear in server iPlanet when him search.
There is a big problem in windows servers that everyone can get at. He can hack the server. The exploit is in the server iPlanet when the hacker does a search.
version It have
- iPlanet Web Server 6.0 SP2
- iPlanet Web Server 4.1 SP9
on system Windows NT and Windows 2000
This hack can be used in versions iPlanet Web Server 6.0 SP2 and iPlanet Web Server 4.1 SP9. Only on Windows NT and 2000 servers.
Can you see That win you use command
NS-query-pat in HTML on server iPlanet.
After That you see
GET /search?NS-query-pat=..\\..\\..\\..\\..\\boot.ini
That is exploit in this server after that you can see contents boot.ini .
Can you see that when you use the command NS-query-pat in html on the server iPlanet you can see GET /search?NS-query-pat=..\\..\\..\\..\\..\\boot.ini.
This is an exploit in the server that you can see the contents of boot.ini
If you want cancel That problem Just Stop search as we fine other that.
If you want to get rid of the exploit, just stop the search feature and you will be fine other than that.
Hope this helps,
Andy
Captain
08-22-2002, 06:23 PM
Yeah
That is right
Thank you Mr. dbzgod
Hope this helps,
Captain
nathanp
08-23-2002, 06:36 PM
What is iPlanet used for? Does it come installed by default?
Man I'm still going "Huh!" :confused:
dbzgod
08-23-2002, 10:10 PM
I'm guessing iPlanet is a web server like Apache???
markcastle
08-23-2002, 10:15 PM
Does anyone still use iPlanet?
Samuel
08-23-2002, 10:20 PM
Attempting..
Hi,
There is a major exploit available in Windows servers running the iPlanet software. This problem exposes the entire server allowing the attacker to take over the system.
The exploit appears in Windows server (WinNT 4 - Windows 2000 Server).
Specific Version Information.
- iPlanet Web Server 6.0 SP2
- iPlanet Web Server 4.1 SP9
The above software runs on Windows NT4 Server, and Windows 2000 Server.
If you have this combination of software you can test for the exploit by:
Using the command NS-query-pat in HTML within the iPlanet server.
An exploitable system will result from that query this:
GET /search?NS-query-pat=..\\..\\..\\..\\..\\boot.ini
This exploit allows the attacker to view the boot.ini
One way that has been used as a workaround has been to stop the search function.
Regards,
Captain
iPlanet is the old Netscape Web Server now owned by iPlanet (which belongs to AOL I think).
Mac
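Added example, not part of any post in this thread: a log check for the request quoted above, which flags /search requests whose NS-query-pat value contains a ".." path component. It assumes Common Log Format access logs; the sample lines are constructed, and the percent-encoded variants go beyond the single request shown in the thread.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed Common Log Format lines (documentation IPs), not real traffic.
SAMPLE_LOG = r'''
192.0.2.10 - - [22/Aug/2002:13:38:00 +0000] "GET /search?NS-query-pat=..\\..\\..\\..\\..\\boot.ini HTTP/1.0" 200 512
192.0.2.11 - - [22/Aug/2002:13:39:10 +0000] "GET /search?NS-query-pat=%2e%2e%5c%2e%2e%5cboot.ini HTTP/1.0" 200 512
192.0.2.12 - - [22/Aug/2002:13:40:02 +0000] "GET /search?NS-query-pat=results.pat HTTP/1.0" 200 2048
192.0.2.13 - - [22/Aug/2002:13:41:45 +0000] "GET /search?ns-QUERY-pat=%252e%252e%255cboot.ini HTTP/1.0" 404 0
192.0.2.14 - - [22/Aug/2002:13:42:00 +0000] "GET /index.html HTTP/1.0" 200 1024
'''.strip().splitlines()

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) ')
# ".." as a whole path component, delimited by either slash style.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so %252e%252e is seen as '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_traversal_attempts(lines):
    """Return (client, status, decoded_pattern) for suspicious /search hits."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        parts = urlsplit(target)
        if parts.path.lower() != "/search":
            continue
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            value = fully_decode(value)
            if key.lower() == "ns-query-pat" and TRAVERSAL_RE.search(value):
                hits.append((client, status, value))
    return hits

if __name__ == "__main__":
    for client, status, pattern in find_traversal_attempts(SAMPLE_LOG):
        # A 200 status on a flagged request deserves first attention.
        print(f"{client} status={status} NS-query-pat={pattern!r}")
```

Flagged requests that returned 200 are the ones to review first, since the thread describes the file contents being returned.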
anantatman
08-24-2002, 04:26 AM
yeah when it was named to iPlanet it had a built JSP/Servlet container like Tomcat, and a J2EE compliant EJB container.
basically a Java Application Server like BEA or WebSphere
Captain
08-24-2002, 08:11 AM
I Thank iPlanet it name for software use in server windows without apache
Just That my Option