A recent CERT notice warns of vulnerability in the Sun iPlanet web server (Enterprise and FastTrack Editions) through buffer overflow.
This may allow remote attackers to access information on the server, including “userids, passwords, cookies or authentication data belonging to other users of the web server”, says CERT.
“With this data the attacker may be able to falsely authenticate themselves to the web server as other users. In some cases, the attacker may be able to prevent the normal operation of the web server.”
Sun has issued a fix for the problem.