Cross-Site-TRACE
quackking writes "Uh-oh! Looks bad for RFC 2068! Kudos to WhiteHat out of Santa Clara, CA for this one. ALL current web servers comply with this RFC, which means they ALL are vulnerable to this newly named attack - XST - cross-site-trace.
When misused, TRACE, part of the HTTP protocol, allows an unauthorized script to be passed to a Web server for execution even if the server is secured against running such scripts. Even devices like web-managed routers are open to this."
If you are dumb enough to pay these assholes to post 2 day old news with plenty of spelling errors and their open sores propaganda, then you are just the person I am looking for. I have a great financial opportunity for you in Nigeria...
For being the first one into your ass
does announcing big security vulnerabilities really help everyone stay safe?