New Web Vulnerability - Cross-Site Tracing

[Pete Soderling <pete () petesoder com>]

I thought this news might interest the group ...

ExtremeTech (http://extremetech.com) just released an article on a new type of vulnerability recently reported to CERT, 
Cross-Site Tracing (XST).

"After months of extensive research, San Jose California-based WhiteHat Security has unmasked a flaw in one of the 
Web's cornerstone protocols which places all e-commerce sites, as well as scores of Internet users, in jeopardy.

This threat was discovered by application security research firm WhiteHat, and is detailed in David's story below. 
White Hat Security was started by a former CTO from Ungermann-Bass, and an Information Security officer at Yahoo!."

Read the entire post at: http://www.extremetech.com/article2/0,3973,841047,00.asp

--petesoder