it's been a while since I visited this forum, but my Freesco is purring like a kitten and I only have an odd few moments for myself.
In these few sparse moments I was fooling around with a pentesting tool to check my Freesco services.
One of those tests said the Apache I am running on my Freesco is vulnerable to "Cross Site Tracing".
The web server at "http://172.16.0.254/" is vulnerable to Cross Site Tracing. This vulnerability was found in the request with id 26.
I did some google-ing and found a "solution" for this vulnerability.
It suggests I use the "TraceEnable Off in Apache, but it doesn't state where.
So here are my questions...
Is my Apache really vulnerable for this exploit?
and just in case... where should this "TraceEnable Off" be configured?
server: Apache/1.3.27 (Unix) mod_perl/1.27 PHP/4.3.1 mod_mp3/0.39
Apache 1.3.27 Dingetje
Perl 5.6.1 Dingetje
Mysql 3.23.37 Lightning