Oval Definition:	oval:org.mitre.oval:def:1482
Revision Date: 2005-10-12 Version: 18 Title: Management Console Directory Traversal Vulnerability Description: The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inacessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-1354 Platform(s): Sun Solaris 8 Sun Solaris 9 Product(s): Solaris Management Console (SMC) Definition Synopsis Software section Solaris 8 or 9 installed Solaris 8 Installed OR Solaris 9 Installed AND Solaris Management Console Web Components (SUNWwbmc) installed AND NOT Patch 111313-02 or later installed AND NOT Patch 116807-01 or later installed AND Configuration section smcboot running
BACK