Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
BID:9561
Info
Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
| Bugtraq ID: | 9561 |
| Class: | Access Validation Error |
| CVE: |
CVE-2004-2763 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 02 2004 12:00AM |
| Updated: | Aug 28 2009 03:32PM |
| Credit: | The disclosure of this issue has been credited to the vendor. |
| Vulnerable: |
Sun ONE Web Server 6.1 Sun ONE Web Server 6.0 SP5 Sun ONE Web Server 6.0 SP4 Sun ONE Web Server 6.0 SP3 Sun ONE Web Server 6.0 SP2 Sun ONE Web Server 6.0 SP1 Sun ONE Web Server 6.0 Sun ONE Web Server 4.1 SP9 Sun ONE Web Server 4.1 SP8 Sun ONE Web Server 4.1 SP7 Sun ONE Web Server 4.1 SP6 Sun ONE Web Server 4.1 SP5 Sun ONE Web Server 4.1 SP5 Sun ONE Web Server 4.1 SP4 Sun ONE Web Server 4.1 SP3 Sun ONE Web Server 4.1 SP2 Sun ONE Web Server 4.1 SP12 Sun ONE Web Server 4.1 SP11 Sun ONE Web Server 4.1 SP10 Sun ONE Web Server 4.1 SP1 Sun ONE Web Server 4.1 Sun Java System Web Server 7.0 Plugin 0 Sun Java System Web Server 7.0 Update 3 Sun Java System Web Server 7.0 Update 2 Sun Java System Web Server 7.0 Update 1 Sun Java System Web Server 7.0 |
| Not Vulnerable: | |
Discussion
Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
Sun ONE/iPlanet Web Server is prone to a credentials-theft vulnerability that that may allow a remote attacker to steal sensitive information such as cookie-based authentication credentials. The issue occurs because ONE/iPlanet Web Server responds to the HTTP TRACE request by default.
Successful exploits may allow the attacker to compromise user accounts by gaining access to sensitive header information. This issue may be combined with other attacks such as cross-site scripting to steal cookie-based authentication credentials.
Sun ONE/iPlanet Web Server is prone to a credentials-theft vulnerability that that may allow a remote attacker to steal sensitive information such as cookie-based authentication credentials. The issue occurs because ONE/iPlanet Web Server responds to the HTTP TRACE request by default.
Successful exploits may allow the attacker to compromise user accounts by gaining access to sensitive header information. This issue may be combined with other attacks such as cross-site scripting to steal cookie-based authentication credentials.
Exploit / POC
Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
No exploit code is required.
No exploit code is required.
Solution / Fix
Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
References:
References: