cve-2004-2763
Vulnerability from cvelistv5
Published
2009-06-01 22:00
Modified
2024-09-17 00:11
Severity ?
Summary
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
References
cve@mitre.orghttp://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html
cve@mitre.orghttp://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdfExploit
cve@mitre.orghttp://www.kb.cert.org/vuls/id/867593US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdfExploit
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/867593US Government Resource
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:36:25.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#867593",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/867593"
          },
          {
            "name": "50603",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-06-01T22:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#867593",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/867593"
        },
        {
          "name": "50603",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2763",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#867593",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/867593"
            },
            {
              "name": "50603",
              "refsource": "SUNALERT",
              "url": "http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html"
            },
            {
              "name": "http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf",
              "refsource": "MISC",
              "url": "http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2763",
    "datePublished": "2009-06-01T22:00:00Z",
    "dateReserved": "2009-06-01T00:00:00Z",
    "dateUpdated": "2024-09-17T00:11:42.049Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"15614FEE-BE44-493D-8F4B-B68F90BA1C4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"EAFDD45B-9AA9-46A9-9452-6F7026DAB8B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:*:*:*:*:*:*\", \"matchCriteriaId\": \"881584F0-6E53-4E08-A394-911CCD7179B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"74307012-2D6B-4D7E-BB6E-B6515E37149D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp11:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AA735E6-0E26-47E0-B779-8688B058847E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp11:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"2CACFD40-A33F-4C4C-8CC1-3111E3399D07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp12:*:*:*:*:*:*\", \"matchCriteriaId\": \"17872BB7-BD29-4EB8-8270-97157B991336\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp12:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"12A2A214-156B-4092-B72E-55875A068EED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5608C463-921D-4640-B9F5-1C7E2F99DFA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"CC15E6D1-5E34-4BA0-83AA-32843BBE34EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BB8A1FD-2B13-4D52-A685-822FC49D61D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"B199A631-70D8-4FA5-BFAA-46EA768223D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD3C8D8A-D9EC-4DB2-B2E2-3B3BFC6AF369\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"14BE8733-6B79-406D-8AD4-1A034D93CA21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EA69FCA-EAD5-4BA9-8AF5-2FDC617B77E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"431E382F-3638-43FE-978E-6FB72C0406A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:*:*:*:*:*:*\", \"matchCriteriaId\": \"D84C0F92-BA3D-47E3-A89C-F7BFE70F1A50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"E85940EC-E144-4B26-B2FB-A4985FE852C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:*:*:*:*:*:*\", \"matchCriteriaId\": \"B05F9BD8-4A97-4E30-9D87-C54D2C688C85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"8BFAEFD1-D6E0-4401-A81E-9B73DF6C4600\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:*:*:*:*:*:*\", \"matchCriteriaId\": \"30EBB2AE-CC19-455C-8338-DC99649128E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"271C69BC-E8B9-4E95-91F0-719FDC71E31F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:*:*:*:*:*:*\", \"matchCriteriaId\": \"E97E6E0E-88BA-4EF3-83D3-F3A49076C6AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"38178E55-35F2-407E-906C-CDA706881684\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:6.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7383260B-83F0-4915-BFF3-BAD5C3228B26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:6.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F8A1D4E-B671-4ADA-B9EA-B01BF7C17F61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:6.0:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"53779E82-8FB9-498D-9E1C-4B7671E722D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:6.0:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61702CF-2660-4CC0-9563-B0DCD363B9DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:iplanet_web_server:6.0:sp5:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3AEFF59-9E04-497C-81B0-D664BA52AC4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33621D67-8191-42EE-8859-8B5FC30F935A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C6F8563-701E-4E54-A0C9-67E9DF74D60D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp10:*:*:*:*:*:*\", \"matchCriteriaId\": \"4022E5C6-5651-45DD-AF73-89CF38E71D9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp11:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEF4CFCE-DEEC-4652-A96F-0C7B5A88175A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp12:*:*:*:*:*:*\", \"matchCriteriaId\": \"873034EA-B3C6-43E6-AE98-A04598D9A392\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE01BAC9-DC57-4BC8-9BFB-9C7C94A516A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CEA91AD-443D-4856-AC7A-3DDE0791134D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"07C1D4DC-252A-4602-A916-32E51CCA75B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp5:*:*:*:*:*:*\", \"matchCriteriaId\": \"526D2FAD-4241-412C-8863-B273D3733153\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp6:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8A796CB-D675-49FC-98BA-4D527211C70D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp7:*:*:*:*:*:*\", \"matchCriteriaId\": \"8693959B-7D5D-414B-8660-2A693AF24541\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp8:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BDC4A06-33A1-4619-B870-7F2AF1D332F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:4.1:sp9:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A445032-AD7B-4971-B175-DF3183A4A12C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"38698A3B-9597-4BC9-B112-BB908C3DE86B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"78587B6D-2A95-4714-9632-4F75CD552E7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*\", \"matchCriteriaId\": \"279FE555-E290-4B17-855D-781C9B58ED55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4493C646-DF4B-45C7-86F7-A71AC9B1CA97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"689F0A9F-8F34-4958-B869-C4FB8BC02406\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.\"}, {\"lang\": \"es\", \"value\": \"La configuraci\\u00f3n por defecto de Sun ONE/iPlanet Web Server v4.1 SP! al SP2 y v6.0 SP1 al SP5 responde a las peticiones HTTP TRACE, lo que puede permitir a atacantes remotos el robo de informaci\\u00f3n usando ataques de seguimiento de trazas en sitios cruzados (XST) en aplicaciones vulnerables a ataques de ejecuci\\u00f3n de secuencias de comandos en sitios cruzados.\"}]",
      "id": "CVE-2004-2763",
      "lastModified": "2024-11-20T23:54:09.850",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-06-01T22:30:00.217",
      "references": "[{\"url\": \"http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/867593\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/867593\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-16\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-2763\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-06-01T22:30:00.217\",\"lastModified\":\"2024-11-20T23:54:09.850\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.\"},{\"lang\":\"es\",\"value\":\"La configuraci\u00f3n por defecto de Sun ONE/iPlanet Web Server v4.1 SP! al SP2 y v6.0 SP1 al SP5 responde a las peticiones HTTP TRACE, lo que puede permitir a atacantes remotos el robo de informaci\u00f3n usando ataques de seguimiento de trazas en sitios cruzados (XST) en aplicaciones vulnerables a ataques de ejecuci\u00f3n de secuencias de comandos en sitios cruzados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-16\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"15614FEE-BE44-493D-8F4B-B68F90BA1C4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp1:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"EAFDD45B-9AA9-46A9-9452-6F7026DAB8B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:*:*:*:*:*:*\",\"matchCriteriaId\":\"881584F0-6E53-4E08-A394-911CCD7179B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp10:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"74307012-2D6B-4D7E-BB6E-B6515E37149D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp11:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AA735E6-0E26-47E0-B779-8688B058847E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp11:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"2CACFD40-A33F-4C4C-8CC1-3111E3399D07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp12:*:*:*:*:*:*\",\"matchCriteriaId\":\"17872BB7-BD29-4EB8-8270-97157B991336\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp12:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"12A2A214-156B-4092-B72E-55875A068EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5608C463-921D-4640-B9F5-1C7E2F99DFA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp2:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"CC15E6D1-5E34-4BA0-83AA-32843BBE34EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB8A1FD-2B13-4D52-A685-822FC49D61D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp3:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"B199A631-70D8-4FA5-BFAA-46EA768223D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD3C8D8A-D9EC-4DB2-B2E2-3B3BFC6AF369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp4:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"14BE8733-6B79-406D-8AD4-1A034D93CA21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EA69FCA-EAD5-4BA9-8AF5-2FDC617B77E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp5:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"431E382F-3638-43FE-978E-6FB72C0406A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D84C0F92-BA3D-47E3-A89C-F7BFE70F1A50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp6:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"E85940EC-E144-4B26-B2FB-A4985FE852C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"B05F9BD8-4A97-4E30-9D87-C54D2C688C85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp7:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"8BFAEFD1-D6E0-4401-A81E-9B73DF6C4600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"30EBB2AE-CC19-455C-8338-DC99649128E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp8:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"271C69BC-E8B9-4E95-91F0-719FDC71E31F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"E97E6E0E-88BA-4EF3-83D3-F3A49076C6AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:4.1:sp9:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"38178E55-35F2-407E-906C-CDA706881684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:6.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7383260B-83F0-4915-BFF3-BAD5C3228B26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:6.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8A1D4E-B671-4ADA-B9EA-B01BF7C17F61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:6.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"53779E82-8FB9-498D-9E1C-4B7671E722D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:6.0:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61702CF-2660-4CC0-9563-B0DCD363B9DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:iplanet_web_server:6.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3AEFF59-9E04-497C-81B0-D664BA52AC4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33621D67-8191-42EE-8859-8B5FC30F935A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C6F8563-701E-4E54-A0C9-67E9DF74D60D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4022E5C6-5651-45DD-AF73-89CF38E71D9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp11:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEF4CFCE-DEEC-4652-A96F-0C7B5A88175A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp12:*:*:*:*:*:*\",\"matchCriteriaId\":\"873034EA-B3C6-43E6-AE98-A04598D9A392\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE01BAC9-DC57-4BC8-9BFB-9C7C94A516A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CEA91AD-443D-4856-AC7A-3DDE0791134D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C1D4DC-252A-4602-A916-32E51CCA75B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"526D2FAD-4241-412C-8863-B273D3733153\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8A796CB-D675-49FC-98BA-4D527211C70D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"8693959B-7D5D-414B-8660-2A693AF24541\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BDC4A06-33A1-4619-B870-7F2AF1D332F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:4.1:sp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A445032-AD7B-4971-B175-DF3183A4A12C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"38698A3B-9597-4BC9-B112-BB908C3DE86B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"78587B6D-2A95-4714-9632-4F75CD552E7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"279FE555-E290-4B17-855D-781C9B58ED55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4493C646-DF4B-45C7-86F7-A71AC9B1CA97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"689F0A9F-8F34-4958-B869-C4FB8BC02406\"}]}]}],\"references\":[{\"url\":\"http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/867593\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://archive.cert.uni-stuttgart.de/uniras/2004/02/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/867593\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.