ownCloud: s2.owncloud.com: Web Server HTTP Trace/Track Method Support Cross-Site Tracing Vulnerability

DOMAIN: s2.owncloud.com PORT: 83 THREAT: The Web server was detected that supports the HTTP TRACE method. This method allows debugging and connection trace analysis for connections from the client to the Web server. Per the HTTP specification, when this method is used, the Web server echoes back...

ownCloud: demo.owncloud.org: Web Server HTTP Trace/Track Method Support Cross-Site Tracing Vulnerability

DOMAIN: demo.owncloud.org PORT: 8080 THREAT: The Web server was detected that supports the HTTP TRACE method. This method allows debugging and connection trace analysis for connections from the client to the Web server. Per the HTTP specification, when this method is used, the Web server echoes...

HTTP 'TRACE' Method Detection

Binary data 8701.prm...

Oracle GlassFish Server Administration Console Authentication Bypass - Ver2 (CVE-2011-1511)

An authentication bypass vulnerability has been reported in the administration console of Oracle GlassFish. The vulnerability is due to an error while processing HTTP TRACE requests. A remote attacker can exploit this vulnerability by sending a crafted TRACE request to the target. Successful...

Design/Logic Flaw

HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...

CVE-2014-7883

HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...

CVE-2014-7883

HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...

CVE-2014-7883

CVE-2014-7883 affects HP Universal CMDB (UCMDB) Server/JMX Console. The vulnerability arises from access control that only protects GET/POST; an attacker can use HTTP HEAD to bypass authentication and add/obtain admin access. Public references show affected UCMDB versions (e.g., 10.10, with menti...

Apache Traffic Server HTTP TRACE Request Remote DoS Vulnerability

Apache Traffic Server is prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Nmap NSE 6.01: http-trace

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-5125

Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...

Cross site scripting

Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...

CVE-2011-5125

Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...

CVE-2011-5125

Cross-site scripting XSS vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method...

CVE-2011-5125

CVE-2011-5125 is a Cross-site Scripting (XSS) vulnerability in Blue Coat Director prior to version 5.5.2.3. The issue allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method. The NVD entry lists a medium base score (4.3, CVSS2) with Network attac...

CVE-2012-2223

The xplat agent in Novell ZENworks Configuration Management ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing XST attacks via unspecified vectors...

Cross site scripting

The xplat agent in Novell ZENworks Configuration Management ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing XST attacks via unspecified vectors...

CVE-2012-2223

The xplat agent in Novell ZENworks Configuration Management ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing XST attacks via unspecified vectors...

CVE-2012-2223

The CVE-2012-2223 issue affects Novell ZENworks Configuration Management (ZCM): the xplat agent in ZCM 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which could allow remote attackers to perform cross-site tracing (XST) via unspecified vectors. Impact is stated as poten...

Novell ZENworks Configuration Management 10.3 < 10.3.4 Multiple Vulnerabilities

ZENworks Configuration Management, configuration management software from Novell, is installed on the remote Windows host. According to its version, it is affected by several vulnerabilities : - An unspecified vulnerability with regards to the HTTP TRACE method. - An unspecified vulnerability wit...