Remote Authentication Flaw in iPlanet Web Server and Netscape Enterprise Server
CVE-2002-1654

Currently unrated

Key Information:

Vendor: WordPress
Status: Enterprise Server; Iplanet Web Server
Vendor: CVE Published:; 31 December 2002

Summary

A significant security weakness in iPlanet Web Server Enterprise Edition and Netscape Enterprise Server versions 4.0 and 4.1 allows remote attackers to leverage the wp-force-auth command for HTTP Basic Authentication. This vulnerability facilitates an avenue for attackers to perform brute force password guessing attacks, potentially compromising user credentials without immediate detection. Implementing effective security measures is critical to mitigate this risk.

References

http://www.kb.cert.org/vuls/id/AAMN-567NFX

x_refsource_CONFIRM

http://www.securityfocus.com/bid/3831

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/7845

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Mar 29, 2005
Vulnerability published
Dec 31, 2002