Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: http TRACE option
From: Bipin Upadhyay <muxical.geek () gmail com>
Date: Sat, 19 Jan 2008 13:56:42 +0530

pentestr wrote:
Hi,
what is the issue if TRACE option is enabled in web servers ? Nessus results always display it as warning.
any idea...

XST (Cross Site Tracing)

Links:
www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST

[SNIPPED]

Regards,
Bipin Upadhyay.
http://projectbee.org

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault