[cobalt-users] Problem with active monitor and apache config
- Subject: [cobalt-users] Problem with active monitor and apache config
- From: desa15@xxxxxxxx
- Date: Mon Feb 9 09:24:00 2004
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
I have a RaQ550, and I audit my Cobalt with Nessus.
It reports the following security hole in Apache:
Your webserver supports the TRACE and/or TRACK methods. It has been shown that servers supporting this method are subject to cross-site-scripting attacks, dubbed XST for 'Cross-Site-Tracing', when used in conjunction with various weaknesses in browsers.
An attacker may use this flaw to trick your legitimate web users to give him their credentials.
Solution: Disable these methods.
If you are using Apache, add the following lines for each virtual host in your configuration file:
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
See http://www.whitehatsec.com/press_releases/WH-PR-20030120.pdf
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0035.html
Risk factor: Medium
I put the RewriteCond in each virtual host file and changed the following in access.conf:
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
<Directory "/home/sites/www.domain1.com">
    Order allow,deny
    Allow from all
</Directory>
<Directory "/home/sites/www.domain2.com">
    Order allow,deny
    Allow from all
</Directory>
I restarted httpd and everything works OK, but my Active Monitor says that Apache is stopped (red light, several problems).
Apache is working, and all my domains work OK. How can I solve this?
Regards, Danny
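The Nessus finding above is about a server echoing TRACE requests back to the client. A quick way to confirm that the rewrite rule actually took effect is to send a raw TRACE request and look for the reflected marker. The following is an added example, not part of the original post or of Nessus or Sun Cobalt software: it implements that check in plain Python and includes two throwaway local servers (one that reflects TRACE, one that refuses it the way the `[F]` rule does) so it can be run offline. The marker header, hostnames and ports are constructed for the demonstration.

```python
"""Check whether an HTTP server accepts the TRACE method (XST exposure).

Added example, not code from the original mailing-list post. It opens a raw
TCP connection, sends a TRACE request carrying a marker header, and reports
whether the server echoes the request back (TRACE enabled) or refuses it.
Two small local servers stand in for "before" and "after" the rewrite rule
so the check runs offline; marker value, hosts and ports are constructed.
"""
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed marker: only an echoing TRACE implementation will send it back.
MARKER = "X-Trace-Probe: constructed-marker-1234"


def trace_is_enabled(host, port, timeout=3.0):
    """Return True if the server answers TRACE with 200 and reflects MARKER."""
    request = (
        "TRACE / HTTP/1.0\r\n"
        f"Host: {host}\r\n"
        f"{MARKER}\r\n"
        "\r\n"
    )
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request.encode("ascii"))
        chunks = []
        while True:  # HTTP/1.0: the server closes the connection when done
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    response = b"".join(chunks).decode("latin-1", errors="replace")
    status_line, _, rest = response.partition("\r\n")
    parts = status_line.split()
    status = int(parts[1]) if len(parts) >= 2 and parts[1].isdigit() else 0
    # A server with TRACE enabled replies 200 and echoes the request as
    # message/http; a hardened one answers 403/405 and never reflects MARKER.
    return status == 200 and MARKER in rest


class EchoingHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a server with TRACE enabled: reflects the request."""

    def do_TRACE(self):
        echoed = (self.requestline + "\r\n" + str(self.headers)).encode("latin-1")
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(echoed)))
        self.end_headers()
        self.wfile.write(echoed)

    def log_message(self, *args):  # keep the demo quiet
        pass


class HardenedHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for the RewriteRule ... [F] in the post: 403 on TRACE."""

    def do_TRACE(self):
        self.send_error(403, "Forbidden")

    def log_message(self, *args):
        pass


def serve_in_background(handler_cls):
    """Start a throwaway server on 127.0.0.1 with an ephemeral port."""
    server = HTTPServer(("127.0.0.1", 0), handler_cls)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def demo():
    """Run the check against both local servers; returns {name: enabled?}."""
    results = {}
    for name, handler in (("echoing", EchoingHandler), ("hardened", HardenedHandler)):
        server, port = serve_in_background(handler)
        try:
            results[name] = trace_is_enabled("127.0.0.1", port)
        finally:
            server.shutdown()
            server.server_close()
    return results


if __name__ == "__main__":
    for name, enabled in demo().items():
        print(f"{name}: TRACE {'ENABLED (XST exposure)' if enabled else 'refused'}")
```

Pointing `trace_is_enabled()` at the real host and port of each virtual host after the restart gives a direct yes/no on whether the rewrite rule is in effect, which is the same evidence a rescan with Nessus would produce, without waiting for the scanner.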