+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
/etc/apache2/apache2.conf has Include /etc/apache2/conf.d/ which has security.dpkg-dist which has TraceEnable Off but TRACE is on and why should OPTIONS be on too? -- Rev. Jim Tarvid, PCA Galax, Virginia http://ls.net http://drupal.ls.net
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
