ClearOS Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


CVE 2010-0386

'The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a related issue to CVE-2004-2763 and CVE-2005-3398.'

ClearCenter response

Short response

ClearOS does not run the Sun Java System Application Server and is not vulnerable to this attack.

Long response

This CVE does not affect ClearOS systems. Only Sun Java System Application Server is susceptible to this CVE. The inclusion of this CVE as being relevant to ClearOS indicates an inability of the audit system to properly identify the running OS or web services application.

Resolution

No action required.

content/en_us/announcements_cve_cve-2010-0386.txt · Last modified: 2014/12/22 11:04 by dloper

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Aannouncements_cve_cve-2010-0386&1563297929