46 matches found
CVE-2010-0386
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...
EUVD-2011-5025
Malware in sbrugna...
EUVD-2010-0417
Malware in sbrugna...
EUVD-2005-4865
Malware in sbrugna...
EUVD-2012-2217
Malware in sbrugna...
EUVD-2008-7209
Malware in sbrugna...
CVE-2011-5125
Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 through 8.0, enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and...
K2452: Vulnerabilities in the HTTP TRACE method - VU#867593
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K15904: Multiple third-party application-server vulnerabilities
Security Advisory Description CVE-2003-1418 Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode number, or 2 multipart MIME boundary, which reveals child proccess IDs PID. CVE-2004-2320 The...
Security Bulletin: HTTP Trace Method is enabled
Summary HTTP Trace Method is enabled Vulnerability Details Third Party Entry: PSIRT-ADV0017246 DESCRIPTION: Created from Advisory: ADV0017246 CVSS Base score: 5.3 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products and Versions Affected Products| Versions ---|--- UCD - IBM...
HTTP TRACE Allowed
The HTTP TRACE method allows a client to send a request to the server, and have the same request sent back in the server's response. This allows the client to determine if the server is receiving the request as expected. Often this method is used for debugging purposes e.g. to verify that a reque...
Gratipay: HTTP trace method is enabled on gip.rocks
Hello, HTTP TRACE method is enabled on your server which should not be enabled. It can lead to cross site tracing ! Cross site tracing: https://www.owasp.org/index.php/CrossSiteTracing curl -X TRACE http://gip.rocks/ -vv Hostname was NOT found in DNS cache Trying 184.73.218.93... Connected to...
Pornhub: HTTP Track/Trace Method Enabled
Researcher identified that HTTP TRACE method was enabled...
Gratipay: HTTP trace method is enabled
Hello, HTTP TRACE method is enabled on your server which should not be enabled. It can lead to cross site tracing ! Cross site tracing: https://www.owasp.org/index.php/CrossSiteTracing root@initlabs: curl -vX TRACE "https://gratipay.com" Rebuilt URL to: https://gratipay.com/ Hostname was NOT foun...
HTTP 'TRACE' Method Detection
Binary data 8701.prm...
Design/Logic Flaw
HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...
CVE-2014-7883
HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...
CVE-2011-5125
Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...
CVE-2011-5125
Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...