Cross-Site Tracing attack

From: Anita Gillaspey (anonymous_at_discussions.microsoft.com)
Date: 06/08/04

• Next message: Rich: "Re: Delegating Non-Admins as Operators"
• Previous message: Michelle: "AspTear"
• Next in thread: Ken Schaefer: "Re: Cross-Site Tracing attack"
• Reply: Ken Schaefer: "Re: Cross-Site Tracing attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 8 Jun 2004 13:56:02 -0700

I received an message from our Information Security department that says it detected that one of our web servers was vulnerable to a Cross-Site Tracing attack. This server is running Microsoft Server 2000, IIS 5, MSDE SQL Server, and a web app. What do I need to do to protect this web server from a cross-site Tracing attack?

---

• Next message: Rich: "Re: Delegating Non-Admins as Operators"
• Previous message: Michelle: "AspTear"
• Next in thread: Ken Schaefer: "Re: Cross-Site Tracing attack"
• Reply: Ken Schaefer: "Re: Cross-Site Tracing attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.inetserver.iis.security  > 2004-06