Re: Sprint PCS vulnerable to malicious tags

From: James Seymour (jseymourat_private)
Date: Mon Feb 07 2000 - 04:46:24 PST

Next message: Jon Paul, Nollmann: "Re: Evil Cookies."

Previous message: Jesús López de Aguileta: "More SQL hacking with IIS 4 through Access Driver"
Maybe in reply to: Paul Schreiber: "Sprint PCS vulnerable to malicious tags"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Message-ID:  <20000204192231.560.qmailat_private>
> Date:         Fri, 4 Feb 2000 19:22:31 -0000
> From: Paul Schreiber <shrubat_private>
> Subject:      Sprint PCS vulnerable to malicious tags
>
> I'm sure you're all familiar with the CERT advisory:
>   http://www.cert.org/advisories/CA-2000-02.html
>
> Sprint PCS's web site is vulnerable to this flaw. ...
[snip]
>

I'm not trying to down-play the significance of this: but I think
we all know that there are likely literally thousands of Web sites
all over the world--perhaps many of them as dependent as SprintPCS
on using Web forms for processing sensitive (customer) data.  If
they're all reported here...


Regards,
Jim
--
Jim Seymour                         | Medar, Inc.
jseymourat_private                  | 24775 Crestview Ct.
Systems & Network Administrator     | Farmington Hills, MI. 48335
                                    | FAX: (248)477-8897

Next message: Jon Paul, Nollmann: "Re: Evil Cookies."
Previous message: Jesús López de Aguileta: "More SQL hacking with IIS 4 through Access Driver"
Maybe in reply to: Paul Schreiber: "Sprint PCS vulnerable to malicious tags"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:44 PDT