CVE-2003-0412

Sun ONE App Server 7.0 - Info Disclosure

Title source: llm

Description

Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.

References (6)

[Mailing List] http://marc.info/?l=bugtraq&m=105409846029475&w=2

[Patch, Vendor Advisory] http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1

[Patch, Vendor Advisory] http://www.ciac.org/ciac/bulletins/n-103.shtml

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/7711

[Various Sources] http://www.spidynamics.com/sunone_alert.html

Scores

EPSS 0.0109

EPSS Percentile 77.7%

Classification

Status draft

Affected Products (1)

sun/one_application_server

Timeline

Published Jun 30, 2003

Tracked Since Feb 18, 2026