Oval Definition:oval:org.mitre.oval:def:1445
Revision Date:2006-02-22Version:17
Title:SMC TRACE HTTP Vulnerability
Description:The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-3398
Platform(s):Sun Solaris 10
Sun Solaris 8
Sun Solaris 9
Product(s):Solaris Management Console
Definition Synopsis
  • Solaris 8 (SPARC) meets Sun Alert ID 102016 criteria.
  • Solaris 8 Installed
  • AND Installed architecture is sparc
  • AND NOT Patch 111313-03 or later installed
  • OR Solaris 8 (x86) meets Sun Alert ID 102016 criteria.
  • Solaris 8 Installed
  • AND ix86 architecture
  • AND NOT Patch 111314-03 or later installed
  • OR Solaris 9 (SPARC) meets Sun Alert ID 102016 criteria.
  • Solaris 9 Installed
  • AND Installed architecture is sparc
  • AND NOT Patch 116807-02 or later installed
  • OR Solaris 9 (x86) meets Sun Alert ID 102016 criteria.
  • Solaris 9 Installed
  • AND ix86 architecture
  • AND NOT Patch 116808-02 or later installed
  • OR Solaris 10 (SPARC) meets Sun Alert ID 102016 criteria.
  • Solaris 10 Installed
  • AND Installed architecture is sparc
  • AND NOT Patch 121308-01 or later installed
  • OR Solaris 10 (x86) meets Sun Alert ID 102016 criteria.
  • Solaris 10 Installed
  • AND ix86 architecture
  • AND NOT Patch 121309-01 or later installed
    • BACK