Lucene search
HistoryNov 01, 2005 - 12:47 p.m.
CVE-2005-3398
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.7%
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
Affected configurations
Node
sunsolarisMatch9.0sparc
ORsunsolarisMatch10.0sparc
ORsunsunosMatch5.8
Related
openvas
openvas
Solaris Update for /usr/sadm/lib/smc/lib/preload/jsdk21.jar 116808-02
2009-06-03 00:00:00
Solaris Update for /usr/sadm/lib/smc/lib/preload/jsdk21.jar 116807-02
2009-06-03 00:00:00
Solaris Update for /usr/sadm/lib/smc/lib/preload/jsdk21.jar 116807-02
2009-06-03 00:00:00
cvelist
cvelist
cve
cve
nessus
nessus
Solaris 9 (x86) : 116808-02
2004-07-12 00:00:00
Solaris 9 (sparc) : 116807-02
2004-07-12 00:00:00
HTTP Reverse Proxy Detection (Deprecated)
2002-07-02 00:00:00
nvd
nvd
prion
prion
Cross site scripting
2007-06-04 17:30:00
Design/Logic Flaw
2010-01-25 19:30:00
Design/Logic Flaw
2010-01-25 19:30:00
redhatcve
redhatcve
CVE-2007-3008
2015-10-30 09:28:33
f5
f5
SOL15904 - Multiple third-party application-server vulnerabilities
2014-12-11 00:00:00
K15904 : Multiple third-party application-server vulnerabilities
2014-12-11 00:00:00
pentestpartners
pentestpartners
Vulnerabilities that arenβt. Cross Site Tracing / XST
2022-01-25 06:08:46
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.7%
Related for NVD:CVE-2005-3398