AlienVault has identified a vulnerability with our Zabbix installation. I'm not sure how to resolve this. May also be a false positive. Could use some help figuring it out. I can't find apache config files on our CentOS (cmd line) installation of zabbix.
------------------------------------------------------------------------
Name: Vulnerability - http TRACE XSS attack
Class: Vulnerability
Type: Vulnerability
Created: 2016-06-27 22:35:17 (11 Days 01:27)
Last Update: 15:35
In charge: Michael Blower
Submitter: penvas
Extra: AlienVault_INTERNAL_PENDING
IP: 192.168.XXX.XXX zabbix
Port: 80
Scanner ID: 11213
Risk: 6
Description: Vulnerability Detection Result:
Solution:
Add the following lines for each virtual host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
See also http://httpd.apache.org/docs/current...ml#traceenable
Summary:
Debugging functions are enabled on the remote HTTP server.
The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.
It has been shown that servers supporting this method are subject to
cross-site-scripting attacks, dubbed XST for Cross-Site-Tracing, when
used in conjunction with various weaknesses in browsers.
An attacker may use this flaw to trick your legitimate web users into giving
him their credentials.
Solution:
Disable these methods.
CVSS Base Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N
References:
CVSS Base Score: 5.8
SID:2
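The finding can be confirmed or dismissed without touching the scanner: send a TRACE request yourself and look at what comes back. On CentOS the Apache config the scanner's "Solution" refers to is /etc/httpd/conf/httpd.conf (the zabbix-web RPM adds /etc/httpd/conf.d/zabbix.conf, which only holds Directory and PHP settings). Rather than adding the three mod_rewrite lines to every virtual host, the directive the finding's "See also" link points at, `TraceEnable off`, placed once in httpd.conf turns the method off for the whole server; check the syntax with `httpd -t` and restart httpd afterwards. The script below is an added example, not code from the original post, AlienVault or Zabbix. It sends a TRACE with curl and classifies the answer: Apache with TraceEnable on (its default) echoes the request back with a 200 and Content-Type message/http, TraceEnable off answers 405, and the RewriteRule with [F] answers 403. The host, port and the sample responses are constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the original post, AlienVault or Zabbix:
# probe a web server for the TRACE method the way the finding describes, and
# classify the answer so the fix can be verified after a config change.
#
# Apache httpd with TraceEnable on (its default) answers a TRACE with
# 200 OK, Content-Type: message/http, and the request echoed in the body.
# TraceEnable off gives 405 Method Not Allowed; the RewriteRule ... [F] from
# the finding gives 403 Forbidden. Either of those closes the finding.

# Classify a raw HTTP response (status line, headers, body) to a TRACE
# request. Prints one word: enabled, disabled or unknown. Always returns 0
# so it is safe under "set -e"; callers compare the printed word.
classify_trace_response() {
    response=$1
    code=$(printf '%s\n' "$response" | head -n 1 | tr -d '\r' | awk '{print $2}')
    case "$code" in
        200)
            # A 200 by itself proves nothing (some proxies answer 200 to
            # anything); it is XST-relevant only if our request line is
            # echoed back, which is what lets script read the headers.
            if printf '%s\n' "$response" | grep -q '^TRACE / HTTP/1\.'; then
                echo enabled
            else
                echo unknown
            fi ;;
        403|405|501)
            echo disabled ;;
        *)
            echo unknown ;;
    esac
    return 0
}

# Live probe: send TRACE with a marker header so an echo is unmistakable.
# Needs curl. Returns 0 only if the server refused the method.
check_trace() {
    host=${1:-localhost}
    port=${2:-80}
    resp=$(curl -s -i -X TRACE -H 'X-XST-Probe: 1' "http://$host:$port/")
    result=$(classify_trace_response "$resp")
    echo "$host:$port TRACE $result"
    [ "$result" = disabled ]
}

# Constructed sample responses so the classifier can be exercised offline.
SAMPLE_ENABLED='HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS)
Content-Type: message/http

TRACE / HTTP/1.1
Host: zabbix
User-Agent: curl/7.29.0
X-XST-Probe: 1
'

SAMPLE_DISABLED='HTTP/1.1 405 Method Not Allowed
Server: Apache/2.4.6 (CentOS)
Allow: GET,HEAD,POST,OPTIONS
Content-Type: text/html; charset=iso-8859-1

<p>The requested method TRACE is not allowed for the URL /.</p>
'

SAMPLE_FORBIDDEN='HTTP/1.1 403 Forbidden
Server: Apache/2.4.6 (CentOS)
Content-Type: text/html; charset=iso-8859-1

<p>You do not have permission to access / on this server.</p>
'

# A 200 that does not echo the request: treat as unknown, not as a finding.
SAMPLE_NO_ECHO='HTTP/1.1 200 OK
Server: some-proxy
Content-Type: text/html

<html><body>ok</body></html>
'

# Usage: sh trace_check.sh <host> [port]  (live probe)
#        sh trace_check.sh                (offline demo on the samples)
if [ $# -gt 0 ]; then
    check_trace "$@"
else
    for s in "$SAMPLE_ENABLED" "$SAMPLE_DISABLED" "$SAMPLE_FORBIDDEN" "$SAMPLE_NO_ECHO"; do
        classify_trace_response "$s"
    done
fi
```

Run it as `sh trace_check.sh 192.168.XXX.XXX 80` before and after adding `TraceEnable off` and restarting httpd; the word should change from enabled to disabled, and a rescan from AlienVault should then clear the finding. If it already prints disabled or unknown before any change, the finding is worth treating as a false positive and re-checking what the scanner actually received. TRACK is an IIS method, so it does not apply to an Apache frontend.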