SecuritySpace - CVE-2004-2763

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2004-2763

Description: The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2004-2763
CERT/CC vulnerability note: VU#867593
http://www.kb.cert.org/vuls/id/867593
http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html

CVE ID:	CVE-2004-2763
Description:	The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2763 CERT/CC vulnerability note: VU#867593 http://www.kb.cert.org/vuls/id/867593 http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html