http://www.pcworld.com/businesscenter/article/159861/hacker_claims_sql_bug_on_symantec_site.html By Robert McMillan IDG News Service February 19, 2009 A Romanian hacker who has spent the past few weeks exposing a common, but dangerous, Web programming error on security vendors Web sites says he's found a SQL injection flaw on Symantec's Web site. But Symantec says it's not a security issue. Still, Symantec was forced to pull down a section of the company's Web site Thursday after a Romanian hacker, going by the name Unu, claimed that he'd found the bug in Symantec's Document Download Center, a password-protected part of the company's site where channel partners can download sales materials for the company's products. The site hosts marketing materials and Symantec said that no company or customer information was exposed. "Symantec immediately took the site down, conducted comprehensive testing and determined that the issue is not a security vulnerability," the company said in a statement Thursday. "It appears that the individual who reported it based the report on an error message." [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Fri Feb 20 2009 - 01:46:02 PST
This archive was generated by hypermail 2.2.0 : Fri Feb 20 2009 - 01:52:09 PST