Update for plugin 11213 (xst_http_trace.nasl) to add iPlanet/SunOne fix information. *** xst_http_trace.nasl_old Thu Oct 23 14:51:50 2003 --- xst_http_trace.nasl Thu Oct 23 14:57:40 2003 *************** *** 42,51 **** --- 42,65 ---- requests or to permit only the methods needed to meet site requirements and policy. + If you are using Sun ONE Web Server releases 6.0 SP2 and later, add the + following to the deafult object section in obj.conf: + <Client method="TRACE"> + AuthTrans fn="set-variable" + remove-headers="transfer-encoding" + set-headers="content-length: -1" + error="501" + </Client> + If you are using Sun ONE Web Server releases 6.0 SP2 or below, compile + the NSAPI plugin located at: + http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603 + See http://www.whitehatsec.com/press_releases/WH-PR-20030120.pdf http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0035.html + http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603 + http://www.kb.cert.org/vuls/id/867593 Risk factor : Medium"; -- http://www.cirt.net/
This archive was generated by hypermail 2b30 : Thu Oct 23 2003 - 11:53:25 PDT