Re: *MAJOR SECURITY BREACH AT CCBILL**

From: l0rtamus Prime (simonat_private)
Date: Wed Dec 19 2001 - 14:49:57 PST


    Also on this note:
    	Did you request permission to disclose this information from CCBILL to
    this list?  I know that many companies prefer to deal with issues like
    this on their own and have their own controlled ways of disclosing
    information.
    
    	I am asking because I know of a site that has similar issues (not
    nearly as serious).  When I contacted the person responsible he flat out
    insulted me and accused me of trying to make money off of his
    vulnerability (which is not the case at all). When I asked him if he
    would like me to explain the issue he said "no" and hung up the phone.
    
    	The problem with his web site is a simple Perl issue that any average
    Perl programmer can figure out. Any advice on what I should do?  Should
    I post a full disclosure?  
    
    I have tried to contact him, his ISP (verio) and other people but thus
    far have yet to speak to anyone reasonable.
    
    
    
    
    
    On Wed, 2001-12-19 at 15:16, Dayne Jordan wrote:
    > Yes, I notified CCBILL/Cavecreek.Net at approx. 4:00am EST.
    > I spoke directly with their network security. 
    > 
    > As of this morning, they are unreachable as they are all in
    > a meeting. The person I spoke with this morning over there told
    > me that they are meeting regarding this situation right now
    > and would make an announcement to their customers soon.
    > 
    > D.
    > ============
    > 
    > H C wrote:
    > > 
    > > Dayne,
    > > 
    > > > It is my opinion that Cavecreek/CCBILL has had a
    > > > breach of security
    > > > thus releasing user ids and logins on various
    > > > servers around the
    > > > internet. CCBILL's customer base is in the tens of
    > > > thousands.
    > > 
    > > Just out of curiosity, did you happen to contact
    > > anyone at CCBILL prior to posting this information to
    > > a public list server?
    > > 
    > 
    > ----------------------------------------------------------------------------
    > This list is provided by the SecurityFocus ARIS analyzer service.
    > For more information on this free incident handling, management 
    > and tracking system please see: http://aris.securityfocus.com
    > 
    > 
    -- 
    Regards,
    	l0rtamus Prime
    	
    	----------------------------------------------
    	"The best defense against logic is ignorance."
    
    
    



    This archive was generated by hypermail 2b30 : Wed Dec 19 2001 - 15:10:57 PST