Vulnerabilities

CVE-2004-2763

by Fred · 01/06/2009

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.

Date published : 2009-06-01

http://www.kb.cert.org/vuls/id/867593

http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf

Similar

Tags: Cybersecurity Alert