Sun ONE/iPlanet Web Server HTTP TRACE Method Cross-Site Scripting Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 中

概要

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1000126