We use QualysGuard to test our system for exploitations. I believe it's
an IBM owned company. It has this issue with our Domino (and/or Quickr)
served external websites. It this something to be concerned about? If so
what actions are recommended?
188.8.131.52 (xqp02.dekko.com, -)
OS/400 on AS/400
Vulnerabilities (4) Expand all vulnerabilities Collapse all
HTTP TRACE / TRACK Methods Enabled port 80/tcp
CVE-2004-2320 CVE-2010-0386 CVE-2003-1567
The remote Web server supports the TRACE and/or TRACK HTTP methods,
which makes it easier for remote attackers to steal cookies and
authentication credentials or bypass the HttpOnly protection mechanism.
If this vulnerability is successfully exploited, attackers can
potentially steal cookies and authentication credentials, or bypass the
HttpOnly protection mechanism.
Disable these methods in your web server's configuration file.
There is no exploitability information for this vulnerability.
There is no malware information for this vulnerability.
TRACE method enabled on / directory
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2021 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.