Knight of Mars (sailornash) wrote,
Knight of Mars

News from Slashdot


"Uh-oh! Looks bad for RFC 2068! Kudos to WhiteHat out of Santa Clara, CA for this one. ALL current web servers comply with this RFC, which means they ALL are vulnerable to this newly named attack - XST - cross-site-trace. When misused, TRACE, part of the HTTP protocol, allows an unauthorized script to be passed to a Web server for execution even if the server is secured against running such scripts. Even devices like web-managed routers are open to this."

Don't know if this is what's going on, but it seems likely. I'm gonna hit the Internet lock on my Zone Alarm software and just wait till the morning and see what's known by then. Night, everyone! >_
  • Post a new comment


    Comments allowed for friends only

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded