CVE-2005-3398

CVE-2005-3398 relates to the Solaris Management Console web server in Solaris 8/9/10 where the HTTP TRACE method is enabled by default. The effect is potential cross-site tracing information leakage (e.g., cookies or headers) through TRACE requests. Connected docs confirm the TRACE issue as a rec...

CVE-2003-1127

CVE-2003-1127 affects Whale Communications e-Gap 2.5 on Windows 2000. The vulnerability allows remote attackers to obtain the login page source code by using the HTTP TRACE method, bypassing the preprocessor. Documented impact is partial confidentiality loss with no indicated integrity or availab...

CVE-2003-1127

Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor...

Whale Communications e-Gap security appliance discloses source code via HTTP TRACE Method

Overview Whale communications e-Gap security appliance is a tool to provide a secure remote web access platform. A vulnerability exists that may permit a remote attacker to gain access to the source code of the login page. Description Whale communications e-Gap security appliance version 2.5...

CVE-2003-1127

Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor...

Web servers enable HTTP TRACE method by default

Overview The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. Attackers could leverage this behavior to access sensitive information, such as cookies or authentication data, contained in the HTTP headers of the request. Description The HTTP...