For the past couple of weeks, and for at least a couple more, the Intevydis blog has been releasing a new 0-day exploit every day. Today's exploit is of particular concern to me, as it has to do with Sun Java System Web Server, and I administer several servers that use SJSWS.
TRACE is an HTTP debugging method: you send a request using the TRACE method and the web server echoes your entire request, request line and headers included, back to you in the response body. Best practice is to disable it entirely on any production or internet-facing web server, because it turns the server into a reflector for whatever the client sent. An attacker who can make a victim's browser issue a TRACE request can read the echo and recover cookie and password information (the Cookie header, including cookies flagged HttpOnly, and HTTP authentication credentials) that a page script could not otherwise get at; this is the cross-site tracing (XST) attack. Current browsers refuse to send TRACE from page scripts, so disabling it on the server is defense in depth rather than the only thing standing between you and an attacker, but it is cheap, there is no good reason for a production server to answer TRACE, and you should test the externally reachable address (through any load balancer or reverse proxy in front of the server), since that is what the internet sees.
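Here is a quick way to see the problem and to check a server for it. This is an added example, not code from the Intevydis post or from SJSWS: a constructed stand-in handler that still answers TRACE (echoing the request, Cookie header and all) beside the same server with TRACE refused, plus the probe function you would point at a real host. The probe plants a recognisable cookie value and reports TRACE as enabled only if the server answers 200 and that value comes back in the body.

```python
"""Probe a web server for an enabled HTTP TRACE method.

Added example: a constructed stand-in for a server that still answers TRACE
(echoing the request, cookie included) beside one that refuses it, and the
probe you would point at a real host. Not code from the original post or
from Sun Java System Web Server.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


class TraceEnabledHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a server with TRACE left on: it reflects the
    request line and every request header back in the response body, which
    is exactly why an echoed Cookie or Authorization header is a problem."""

    def do_TRACE(self):
        body = (self.requestline + "\r\n" + str(self.headers)).encode("latin-1")
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


class TraceDisabledHandler(TraceEnabledHandler):
    """Same stand-in with TRACE turned off: nothing is reflected."""

    def do_TRACE(self):
        self.send_error(405, "Method Not Allowed")


def trace_enabled(host, port, marker="probe=canary"):
    """Send TRACE with a recognisable Cookie value; return True only if the
    server answers 200 and the cookie comes back in the body, i.e. TRACE
    reflects request headers. A 405/501, or a body without the marker,
    means the method is off (or at least not reflecting)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("TRACE", "/", headers={"Cookie": marker})
        resp = conn.getresponse()
        body = resp.read().decode("latin-1", errors="replace")
    finally:
        conn.close()
    return resp.status == 200 and marker in body


def serve(handler):
    """Start a throwaway server on 127.0.0.1 on a free port for the demo."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def demo():
    """Run the probe against both stand-ins; returns (enabled, disabled)."""
    results = []
    for handler in (TraceEnabledHandler, TraceDisabledHandler):
        srv = serve(handler)
        try:
            results.append(trace_enabled(*srv.server_address))
        finally:
            srv.shutdown()
            srv.server_close()
    return tuple(results)


if __name__ == "__main__":
    enabled, disabled = demo()
    print("TRACE reflected by vulnerable stand-in:", enabled)   # True
    print("TRACE reflected by hardened stand-in:  ", disabled)  # False
```

Against a real server you would call trace_enabled("www.example.com", 80) (a hypothetical host) from outside your network, or simply run curl with the request method switched to TRACE and look for your own headers in the response body; either way, test the address the internet reaches, not only the origin server.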
So if you've been paying attention to your web server's security, you're probably already safe against this exploit; if not, you need to learn how to disable TRACE for your web server. That link is for SJSWS folks like myself, but there are instructions on the internet for many other servers, like Apache (where a single TraceEnable Off in httpd.conf does it). So hit up your nearest search engine, get your server protected, and then confirm the change with an actual TRACE request rather than trusting the config edit alone.