Vulnerability Database

320,453

Total vulnerabilities in the database

CVE-2005-3398

The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

Published: Nov 1, 2005
Updated: Nov 9, 2025
CVE: CVE-2005-3398
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
sun / sunos	5.8	5.8.x
sun / solaris	10.0	10.0.x
sun / solaris	9.0	9.0.x

http://secunia.com/advisories/17334
http://securitytracker.com/id?1015112
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1
http://www.securityfocus.com/bid/15222
http://www.vupen.com/english/advisories/2005/2226
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1445

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo