Hosting Provided By

Re: TRACE used to increase the dangerous of XSS.

From: Doug Monroe <doug(at)planetconnect.com>
Date: Wed Jan 22 2003 - 21:28:21 EST

Jeremiah Grossman wrote:
>
> WhiteHat Security has released a new white paper discussing a new class
> of web-app-sec attack (XST) which potentially affects all web servers

thanks for the interesting findings.
Respectfully- the apache solution proposed by RFP in the "Server Specific Recommendation" might alternatively be crafted as: RewriteEngine on
RewriteCond %{REQUEST_METHOD} !^(GET|POST)$ RewriteRule .* - [F] Received on Wed Jan 22 23:15:34 2003

This message: [ Message body ]
Next message: Jeremiah Grossman: "Re: TRACE used to increase the dangerous of XSS."
Previous message: Jeremiah Grossman: "RE: TRACE used to increase the dangerous of XSS."
In reply to: Jeremiah Grossman: "TRACE used to increase the dangerous of XSS."
In reply to Richard M. Smith: "RE: TRACE used to increase the dangerous of XSS."
Next in thread: Jeremiah Grossman: "Re: TRACE used to increase the dangerous of XSS."
Reply: Jeremiah Grossman: "Re: TRACE used to increase the dangerous of XSS."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:47 EDT