var-200511-0133
Vulnerability from variot
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. RFC 2616 According to TRACE Supports methods Web The server is set in the browser Cookie A vulnerability exists in which information is obtained.Set in browser Cookie Authentication information derived from (Basic Authentication: base64 Contains encoded user information ) May get you. Sun Solaris Management Console is prone to an information-disclosure vulnerability. The attacker may exploit this issue along with other attacks, such as cross-site scripting, to steal cookie-based authentication credentials.
TITLE: Sun Solaris HTTP TRACE Response Cross-Site Scripting Issue
SECUNIA ADVISORY ID: SA17334
VERIFY ADVISORY: http://secunia.com/advisories/17334/
CRITICAL: Not critical
IMPACT: Cross Site Scripting
WHERE:
From local network
OPERATING SYSTEM: Sun Solaris 10 http://secunia.com/product/4813/ Sun Solaris 8 http://secunia.com/product/94/ Sun Solaris 9 http://secunia.com/product/95/
DESCRIPTION: Sun has acknowledged a security issue in Solaris, which potentially can be exploited by malicious people to conduct cross-site scripting attacks. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site when combined with certain browser vulnerabilities. It is reportedly not possible to disable the TRACE method.
The security issue has been reported in Solaris 8, 9 and 10 on both SPARC and x86 platforms.
SOLUTION: Apply patches when available.
The vendor recommends that the SMC may be disabled as a workaround.
-- SPARC Platform --
Solaris 9: Apply patch 116807-02 or later.
-- x86 Platform --
Solaris 9: Apply patch 116808-02 or later.
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200511-0133",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "9.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "10.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0"
},
{
"model": "one/iplanet web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "4.1"
},
{
"model": "one/iplanet web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.0"
},
{
"model": "one/iplanet web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#867593"
},
{
"db": "BID",
"id": "15222"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:java_system_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:one_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:microsoft:iis",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This issue was reported by Sun.",
"sources": [
{
"db": "BID",
"id": "15222"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
}
],
"trust": 0.9
},
"cve": "CVE-2005-3398",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2005-3398",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-3398",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#867593",
"trust": 0.8,
"value": "3.71"
},
{
"author": "NVD",
"id": "CVE-2005-3398",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200511-012",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#867593"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. RFC 2616 According to TRACE Supports methods Web The server is set in the browser Cookie A vulnerability exists in which information is obtained.Set in browser Cookie Authentication information derived from (Basic Authentication: base64 Contains encoded user information ) May get you. Sun Solaris Management Console is prone to an information-disclosure vulnerability. The attacker may exploit this issue along with other attacks, such as cross-site scripting, to steal cookie-based authentication credentials. \n\nTITLE:\nSun Solaris HTTP TRACE Response Cross-Site Scripting Issue\n\nSECUNIA ADVISORY ID:\nSA17334\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17334/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nSun Solaris 10\nhttp://secunia.com/product/4813/\nSun Solaris 8\nhttp://secunia.com/product/94/\nSun Solaris 9\nhttp://secunia.com/product/95/\n\nDESCRIPTION:\nSun has acknowledged a security issue in Solaris, which potentially\ncan be exploited by malicious people to conduct cross-site scripting\nattacks. This\ncan be exploited to execute arbitrary HTML and script code in a\nuser\u0027s browser session in context of an affected site when combined\nwith certain browser vulnerabilities. It is reportedly not possible\nto disable the TRACE method. \n\nThe security issue has been reported in Solaris 8, 9 and 10 on both\nSPARC and x86 platforms. \n\nSOLUTION:\nApply patches when available. \n\nThe vendor recommends that the SMC may be disabled as a workaround. \n\n-- SPARC Platform --\n\nSolaris 9:\nApply patch 116807-02 or later. \n\n-- x86 Platform --\n\nSolaris 9:\nApply patch 116808-02 or later. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3398"
},
{
"db": "CERT/CC",
"id": "VU#867593"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "BID",
"id": "15222"
},
{
"db": "PACKETSTORM",
"id": "41017"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3398",
"trust": 2.7
},
{
"db": "BID",
"id": "15222",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "17334",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "13090",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#867593",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1015112",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2005-2226",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#288308",
"trust": 0.8
},
{
"db": "BID",
"id": "9561",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018",
"trust": 0.8
},
{
"db": "US GOVERNMENT",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1445",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "102016",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "41017",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#867593"
},
{
"db": "BID",
"id": "15222"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "PACKETSTORM",
"id": "41017"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"id": "VAR-200511-0133",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-11-23T20:21:22.793000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "In the news 03-01-24",
"trust": 0.8,
"url": "http://www.apacheweek.com/issues/03-01-24#news"
},
{
"title": "200171",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200171-1"
},
{
"title": "50603",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-50603-1"
},
{
"title": "102016",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1"
},
{
"title": "50603",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-50603-3"
},
{
"title": "102016",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-3"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.microsoft.com/ja/jp/default.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/15222"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015112"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17334"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2005/2226"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1445"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2616.txt"
},
{
"trust": 0.8,
"url": "http://www.cgisecurity.com/whitehat-mirror/wh-whitepaper_xst_ebook.pdf"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/tools/urlscan.asp"
},
{
"trust": 0.8,
"url": "http://httpd.apache.org/docs/mod/mod_rewrite.html"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/workshop/author/dhtml/httponly_cookies.asp"
},
{
"trust": 0.8,
"url": "http://www.w3.org/dom/"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/dhtml_node_entry.asp"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/workshop/author/dhtml/reference/properties/cookie.asp"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/library/default.asp?url=/library/en-us/xmlsdk/htm/xml_obj_ixmlhttprequest_8bp0.asp"
},
{
"trust": 0.8,
"url": "http://www.apacheweek.com/issues/03-01-24#news"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/13090/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57670-1"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200942-1"
},
{
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?\u0026uid=swg21201202"
},
{
"trust": 0.8,
"url": "http://blogs.sun.com/meena/entry/disabling_trace_in_sun_java"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3398"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3398"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/13090"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/9561"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/288308"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/867593"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2005/2226"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1445"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4813/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/95/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17334/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/94/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#867593"
},
{
"db": "BID",
"id": "15222"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "PACKETSTORM",
"id": "41017"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#867593"
},
{
"db": "BID",
"id": "15222"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"db": "PACKETSTORM",
"id": "41017"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-01-24T00:00:00",
"db": "CERT/CC",
"id": "VU#867593"
},
{
"date": "2005-10-26T00:00:00",
"db": "BID",
"id": "15222"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"date": "2005-10-28T19:44:24",
"db": "PACKETSTORM",
"id": "41017"
},
{
"date": "2005-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"date": "2005-11-01T12:47:00",
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-17T00:00:00",
"db": "CERT/CC",
"id": "VU#867593"
},
{
"date": "2007-06-13T20:09:00",
"db": "BID",
"id": "15222"
},
{
"date": "2009-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000018"
},
{
"date": "2009-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-012"
},
{
"date": "2024-11-21T00:01:47.673000",
"db": "NVD",
"id": "CVE-2005-3398"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sun Solaris Management Console HTTP TRACE Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "15222"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-012"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…