network security news, articles, tools, links...
Dropped here by your search engine? Use the same keyword in the google box below to search this site.
About three years ago, the concept of "Cross Site Tracing" [1] was introduced to the web application security community. In essence, the classic XST is about amplifying an existing XSS vulnerability such that HttpOnly cookies and HTTP authentication credentials can be compromised. This is done using a client side XmlHttpRequest object that sends a TRACE request back to the server, receives the request echoed back by the server's TRACE function, and extracts the information from the echoed back request. The recommendation in [1] is to turn off TRACE support in the web server, which indeed takes care of the attack as described.
However, let us now consider a situation wherein there is a proxy server somewhere between the client (browser) and the server. In such case, it is possible to force the proxy server (at least, in theory) to respond to the TRACE request, rather than the origin server itself. Thus, HTTP TRACE can still be used to compromise the credentials of the user, even if the server does not support the TRACE request. Cgisecurity.com: Web security News - 01/25/05 XST Strikes Back (or perhaps "Return from the Proxy"...)
| XST Strikes Back |
However, let us now consider a situation wherein there is a proxy server somewhere between the client (browser) and the server. In such case, it is possible to force the proxy server (at least, in theory) to respond to the TRACE request, rather than the origin server itself. Thus, HTTP TRACE can still be used to compromise the credentials of the user, even if the server does not support the TRACE request. Cgisecurity.com: Web security News - 01/25/05 XST Strikes Back (or perhaps "Return from the Proxy"...)
More News
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Top 10 Network Security Threats
- Big leap in malicious Web sites
- Network security makes a quantum leap
- Microsoft Preps 11 Security Bulletins for Patch Tuesday
- Practical Defense in Depth
- Apple releases another mega-patch for Mac OS X
- Security flaw in smart cards poses risk for transit, building access
- Free TrojanProof Password Tool Released for Windows
- Security scans with OpenVAS
- Do ISPs pose a bigger online privacy threat than Google
- HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
- Anatomy of a botnet
- Microsoft patches 8 critical bugs in Windows, Office
- Virtualization users should expect more attacks
- Threat From DNS Bug Is not Over, Experts Say
You are browsing the old version of "The Network Security. Org", Please
click here to visit the
new version.
Categories
Web Security
Basic Security
Network Tools
Archived Articles
Wireless Security
Networking Basics
Disaster Recovery
Enterprise Security
Intrusion Detection
More Archived Articles
Exploits & Vulnerabilities
Viruses & other Malware
Basic Security
Network Tools
Archived Articles
Wireless Security
Networking Basics
Disaster Recovery
Enterprise Security
Intrusion Detection
More Archived Articles
Exploits & Vulnerabilities
Viruses & other Malware
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main() [function.include]: Failed opening 'ad_network_213.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php:../:../../:../../../:../../../../') in /home/thenetw/public_html/news/View.php on line 282