CVE-2005-3398: Infoleak
First published: Tue Nov 01 2005(Updated: )
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun SunOS | =5.8 | |
| Sun Solaris | =10.0 | |
| Sun Solaris | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1
- http://securitytracker.com/id?1015112
- http://www.securityfocus.com/bid/15222
- http://secunia.com/advisories/17334
- http://www.vupen.com/english/advisories/2005/2226
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1445
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sun
- canonical/sun sunos
- version/sun sunos/5.8
- canonical/sun solaris
- version/sun solaris/10.0
- version/sun solaris/9.0