Sun Microsystems, Inc. Information for VU#867593

Web servers enable HTTP TRACE method by default



Vendor Statement

The iPlanet Web Server 4.1 and Sun ONE Web Server 6.0 both have HTTP TRACE enabled by default. For details of how to disable HTTP TRACE support, see the following Sun Alert:

Vendor References


If you have feedback, comments, or additional information about this vulnerability, please send us email.