Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3398

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3398
Last Modified 07 Mar 2011 09:26:28
Published 01 Nov 2005 07:47:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3398

Summary

The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

Vulnerable Systems

Operating System

  • Sun Solaris 10.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0


References

SUNALERT - 102016

SECTRACK - 1015112

VUPEN - ADV-2005-2226

BID - 15222

SECUNIA - 17334


Last Updated: 27 May 2016 10:40:55