CVE-1999-0751

Netscape Enterprise Server 3.6 - Buffer Overflow via Accept Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0751. PoCs published by Nobuo Miwa.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Enterprise Server 3.6 SP2 by sending an HTTP GET request with an overly long 'Accept' header (2000 bytes). The vulnerability can lead to denial-of-service (DoS) or arbitrary command execution on the webserver.

Description

Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nobuo Miwa · textremotemultiple

https://www.exploit-db.com/exploits/19493

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Enterprise Server 3.6 SP2 by sending an HTTP GET request with an overly long 'Accept' header (2000 bytes). The vulnerability can lead to denial-of-service (DoS) or arbitrary command execution on the webserver.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Enterprise Server 3.6 SP2 with SSL Handshake Patch

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/3256

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/631

Scores

EPSS 0.0479

EPSS Percentile 90.8%

Details

Status published

Products (2)

netscape/enterprise_server 3.5.1

netscape/enterprise_server 3.6 sp2

Published Sep 13, 1999

Tracked Since Feb 18, 2026