Hosting Provided By

TRACE used to increase the dangerous of XSS.

From: Jeremiah Grossman <jeremiah(at)whitehatsec.com>
Date: Wed Jan 22 2003 - 15:32:58 EST

WhiteHat Security has released a new white paper discussing a new class of web-app-sec attack (XST) which potentially affects all web servers supporting TRACE.

The white paper explains all the detailed technical results we have found so far. We are fairly certain this particular issue will spark much debate and encourage those interested to read and comment.

White Paper Mirrors:

http://www.betanews.com/whitehat/WH-WhitePaper_XST_ebook.pdfhttp://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdfhttp://www.boarder.org/WH-WhitePaper_XST_ebook.pdfhttp://www.forumgalaxy.com/whmirror/WhitePaper_screen.pdf

Press Release
http://www.whitehatsec.com/press_releases/WH-PR-20030120.txt Received on Wed Jan 22 15:59:02 2003

This message: [ Message body ]
Next message: Mark Curphey: "List is a little sporadic"
Previous message: shadgar(at)cs.bris.ac.uk: "security of interactive webpages"
Next in thread: Richard M. Smith: "RE: TRACE used to increase the dangerous of XSS."
Reply: Richard M. Smith: "RE: TRACE used to increase the dangerous of XSS."
Reply: Doug Monroe: "Re: TRACE used to increase the dangerous of XSS."
Reply: Sverre H. Huseby: "Re: TRACE used to increase the dangerous of XSS."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:47 EDT