禁用Web服务器the TRACE and TRACK methods,修复80端口httpd漏洞:CVE-2003-1567

漏洞报告显示:
Medium (CVSS: 5.8)
NVT: HTTP Debugging Methods (TRACE/TRACK) Enabled
References
cve: CVE-2003-1567 cve: CVE-2004-2320 cve: CVE-2004-2763 cve: CVE-2005-3398 cve: CVE-2006-4683 cve: CVE-2007-3008 cve: CVE-2008-7253 cve: CVE-2009-2823 cve: CVE-2010-0386 cve: CVE-2012-2223 cve: CVE-2014-7883
bid: 9506
bid: 9561
bid: 11604
Summary
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods which are used to debug web server connections.
Solution:
Solution type: Mitigation
Disable the TRACE and TRACK methods in your web server con guration. Please see the manual of your web server or the references for more information
漏洞解决:根据建议关闭‘TRACE and TRACK methods ’
处理方法:Apache版本大于2.2,在httpd.conf末尾添加:
TraceEnable off
1.查看Apache版本:httpd -v
版本信息大于2.2
2.在httpd.conf末尾添加TraceEnable off
TraceEnable off
3.验证

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值