Hosting Provided By

Re: [VulnDiscuss] Re: TRACE used to increase the dangerous of XSS.

From: Kevin Spett <kspett(at)spidynamics.com>
Date: Thu Jan 23 2003 - 13:32:13 EST

> I am not familiar with any HTTP aware network based firewalls which have
> the ability to see inside of an HTTP request looking for TRACE and then
> deny. Likely because its too much overhead per request. But hey, I could
> be wrong, maybe there is one.

Reverse proxy servers could probably do this pretty easily.

Kevin Spett
SPI Labs
http://www.spidynamics.com/ Received on Thu Jan 23 14:16:30 2003

This message: [ Message body ]
Next message: Marc Slemko: "Re: New Web Vulnerability - Cross-Site Tracing (fwd)"
Previous message: Gary Flynn: "Re: New Web Vulnerability - Cross-Site Tracing (fwd)"
In reply to: Jeremiah Grossman: "Re: TRACE used to increase the dangerous of XSS."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:47 EDT