Mountain Network Systems (www.mountain-net.com) makers of the WebCart system is a customer of ours. I received email from him after forwarding a copy of the messages on the bugtraq re: webcart. This is a reply I received from him. william Forwarded message: > From support@mountain-net.com Sat Apr 24 07:12:51 1999 > Date: Sat, 24 Apr 1999 07:11:41 -0500 > To: "William Devine, II" <williamat_private> > X-UIDL: 924983340.009 > From: support@mountain-net.com > Subject: Re: FW: Shopping Carts exposing CC data > > Hi William, > > Can you tell me where the signup is or just post this message. > > Good Day, > > We noticed your comment regarding one of our systems. Please be informed > that we clearly state in the manuals how to secure your website when using > the WebCart(r) system. If the website owner elects not to take these steps > information will be exposed. This is not a reflection of the software but > the level of protection the website/store owner wants to give their clients. > > In terms of professional conduct, if you find issues such as these you > should contact the store owner and inform them of this. Not post their > website to everyone in a mailist. You should also make sure you have all > related information prior to making such a bold statement. You have clearly > not read or had access to the manuals which describe in detail the steps to > take to > avoid this issue. > > Best Regards, > Dan > > At 17:07 4/23/99 -0500, you wrote: > > > > > >-----Original Message----- > >From: Bugtraq List [mailto:BUGTRAQat_private] On Behalf Of Bo Elkjaer > >Sent: Friday, April 23, 1999 4:15 PM > >To: BUGTRAQat_private > >Subject: Re: Shopping Carts exposing CC data > > > > > >This is my first post to Bugtraq so please bear with me for any errs and/or > >misconducts. > > > >I'd just like to point out, that Webcart is vulnerable too. > > > >Here goes: > > > > > >Mountain Network Systems Inc. http://www.mountain-net.com > >Platform: ? > >Exposed Directories: /config, /orders (and others. They're all listed in > >config-file) > >Exposed Order Info: orders.txt > >Exposed Config Info: mountain.cfg > >Number of exposed installs: 18+ at a quick glance. Probably more. > >PGP Option Available?: Unknown > >Status: Commercial, ranging from $399 to $4650. > > > > > >Bo Elkjaer, Denmark > > > > > > > > ------------------------------------------------------ > Mountain Network Systems, Inc. (281) 373-1196 > P.O. Box 1362 Cypress, TX 77429 > "Your Internet Programming Source" > > http://www.mountain-net.com > http://www.inet-domains.net > http://www.webstores.net > > ------------------------------ > Sales: sales@mountain-net.com > Support: support@mountain-net.com > ------------------------------ > > Specialist in Advanced Internet Systems . . . making your > website work for you all day everyday. > > Economist estimate a $200 billion online market by the > year 2000. Now is the time to transform your website > into a profit center! > ------------------------------------------------------ >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:52 PDT