On Fri, 23 Apr 1999, Bo Elkjaer wrote: > This is my first post to Bugtraq so please bear with me for any errs and/or > misconducts. > > I'd just like to point out, that Webcart is vulnerable too. > > Here goes: > > > Mountain Network Systems Inc. http://www.mountain-net.com > Platform: ? > Exposed Directories: /config, /orders (and others. They're all listed in > config-file) > Exposed Order Info: orders.txt > Exposed Config Info: mountain.cfg > Number of exposed installs: 18+ at a quick glance. Probably more. > PGP Option Available?: Unknown > Status: Commercial, ranging from $399 to $4650. > > > Bo Elkjaer, Denmark > Confirmed it, sent a heads-up to mountain-net. Worse, look for "import.txt" and "checks.txt" Import.txt includes every order ever made on the site in a tab-delimited format. *sigh* -- Joe H. Technical Support General Support: supportat_private Blarg! Online Services, Inc. Voice: 425/401-9821 or 888/66-BLARG http://www.blarg.net
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:41 PDT