翻訳と辞書 |
Cross-site tracing : ウィキペディア英語版 | Cross-site tracing
In web security, cross-site tracing (abbreviated "XST") is a network security vulnerability exploiting the HTTP TRACE method. XST scripts exploit ActiveX, Flash, or any other controls that allow executing an HTTP TRACE request. The HTTP TRACE response includes all the HTTP headers including authentication data and HTTP cookie contents, which are then available to the script. In combination with cross domain access flaws in web browsers, the exploit is able to collect the cached credentials of any web site, including those utilizing SSL. ==External links==
*(Cross-site tracing on use Perl. ) *(Vulnerability Note VU#867593 - Multiple vendors' web servers enable HTTP TRACE method by default ) *(WhiteHat Security - Whitepaper - Cross-Site Tracing (XST) )
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Cross-site tracing」の詳細全文を読む
スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|