Cross site tracking attack in Apache

[HTTP TRACK / TRACE]

This vulnerability is actually a problem that IIS also has, but the solution I will provide is for Apache only.

The problem is that a user can use the HTTP TRACK / TRACE method to get session information including cookies!

To prevent the attackers use this in your httpd.conf or .htaccess  :

Code:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

Sounds like a serious vulnerability.

Thanks for sharing. I will add it to my .htaccess file.

I am using Apache 2.0.55 version in Solaris 8 platform. But due to "RewriteEngine On"  in apache module , there was a Apache - Mod_Rewrite - Off-By-One Buffer Overflow Issue. So i upgraded to Apache 2.0.59. Now i also need to disable Http Trace method in the apache version. But if i change Rewrite Off to Rewrite On in apache httpd.config file to disable Http Trace, it will again introduce Apache - Mod_Rewrite - Off-By-One Buffer Overflow Issue. Thus can you provide any other alternative solution for Http Trace issue.

[Promote your blog for free....]

I am afraid this can't be done without modifying the  source code of Apache....

So I guess you will have to leave one of these vulnerabilities open. Or maybe check how this overflow is running in Solaris. To use the HTTP_TRACE mod_rewrite rule, you need to apply it in your httpd.conf file. Maybe the mod_rewrite overflow problem is happening for certain rules, or in general happens under some circumstances.

[Guest]

[34.925]

Yahoo crawler, Googlebot, Gigabot, Paradroid