Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2004-2763

EPSS 1.02% · P77
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2004-2763

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Sun ONE/iPlanet Web Server HTTP TRACE信息窃取漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Sun ONE/iPlanet是Sun公司推出的智能Web服务的软件组合系统,其中包含Sun ONE统一开发服务器,Sun ONE应用服务器可安装在Windows和Unix操作系统上。 Sun ONE/iPlanet对HTTP TRACE请求处理存在问题,远程攻击者可以利用这个漏洞窃取一些基于验证的如COOKIE等敏感信息 。问题是由于Sun ONE/iPlanet默认情况下对HTTP TRACE请求的应答处理不正确,结合跨站脚本问题及使用HTTP TRACE方法对Sun ONE/iPlanet服务器进行
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2004-2763

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2004-2763

Please Login to view more intelligence information

Same Patch Batch · n/a · 2009-06-01 · 20 CVEs total

CVE-2009-1847Easy PX 41 CMS "index.php" 多个目录遍历漏洞
CVE-2003-1573Sun J2EE/RI Pointbase数据库远程命令执行漏洞
CVE-2003-1572Sun Java Media Framework未明远程拒绝服务攻击漏洞
CVE-2009-1854Cmsnx Million Dollar Text Links cookie权限管理和访问控制漏洞
CVE-2009-1853Kensei Board "index.php" SQL注入漏洞
CVE-2009-1852Graphiks MyForum Login 多个SQL注入漏洞
CVE-2009-1851Paessler phpBugTracker 'include.php' SQL注入漏洞
CVE-2009-1850Paessler phpBugTracker 'index.php' SQL注入漏洞
CVE-2009-1849PRTG Traffic Grapher Monitor_Bandwidth函数跨站脚本漏洞
CVE-2009-1848JoomlaMe AgoraGroups SQL注入漏洞
CVE-2008-6817Mole Group Lastminute Script明文信息泄露漏洞
CVE-2009-1846bjsintay sitex 多个目录遍历漏洞
CVE-2009-1845Lussumo Vanilla ajax/updatecheck.php模块跨站脚本漏洞
CVE-2009-1805VMware Workstation 驱动"Products Descheduled Time Accounting" 未明拒绝服务漏洞
CVE-2008-6819Microsoft Windows win32k.sys驱动本地权限提升漏洞
CVE-2009-1844Drupal Taxonomy Vocabulary 多个跨站脚本攻击漏洞
CVE-2009-1843Flash Quiz多个SQL注入漏洞
CVE-2009-1842PHP-Nuke 'userLog.php' SQL注入漏洞
CVE-2008-6818Mole Group Real Estate Script明文信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2004-2763

No comments yet

Leave a comment