|
Posted by on March 22, 2005, 9:11 pm
If you were Registered and logged in, you could reply and use other advanced thread options
I found a HUGE security hole on my college website about a year ago and
it still hasn't been fixed. It shows SSNs, Names, birthdates, address,
phone etc... How dow I let peole know without getting in trouble myself?
|
|
Posted by bz on March 23, 2005, 1:14 pm
If you were Registered and logged in, you could reply and use other advanced thread options
joshandlinds@gmail.com wrote in news:1111554686.962430.22570
@l41g2000cwc.googlegroups.com:
> I found a HUGE security hole on my college website about a year ago and
> it still hasn't been fixed. It shows SSNs, Names, birthdates, address,
> phone etc... How dow I let peole know without getting in trouble myself?
I suggest you call the admin in charge of the web site and tell him/her
about the problem.
Call from a coin operated phone if you want to remain unidentified.
Most admins would like to know about such problems and would not be
inclined to try to get you in trouble.
--
bz
please pardon my infinite ignorance, the set-of-things-I-do-not-know is an
infinite set.
bz+nanae@ch100-5.chem.lsu.edu
--
bz
please pardon my infinite ignorance, the set-of-things-I-do-not-know is an
infinite set.
bz+csm@ch100-5.chem.lsu.edu remove ch100-5 to avoid spam trap
|
|
Posted by Jose Maria Lopez Hernandez on March 23, 2005, 8:39 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I found a HUGE security hole on my college website about a year ago and
> it still hasn't been fixed. It shows SSNs, Names, birthdates, address,
> phone etc... How dow I let peole know without getting in trouble myself?
Be careful. You obviusly has been accessing that information, because
you know it's there. You probably haven't done anything wrong, but
my advise is: Be careful.
Regards.
--
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAŅA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
|
|
Posted by CarlosRivera on March 24, 2005, 8:02 am
If you were Registered and logged in, you could reply and use other advanced thread options
i.e. they go public unless the problem is fixed. I wonder if school
newspapers are have the same rights as the regular media.
joshandlinds@gmail.com wrote:
> I found a HUGE security hole on my college website about a year ago and
> it still hasn't been fixed. It shows SSNs, Names, birthdates, address,
> phone etc... How dow I let peole know without getting in trouble myself?
|
| Similar Threads | Posted | | Full-disclosure Down any news. | December 10, 2004, 10:32 am |
| HPSBUX02079 SSRT5957 - HP-UX IPSec Encapsulating Security Payload (ESP) Tunnel Mode Remote Unauthorized Disclosure of Encrypted Data | December 7, 2005, 2:48 pm |
| information about e-cop | May 31, 2007, 4:10 pm |
| Information Security | April 27, 2004, 3:52 pm |
| Information Assurance | February 13, 2006, 5:31 pm |
| MSc in IT/Information Security | May 24, 2006, 12:31 pm |
| CBCP information request | December 21, 2004, 9:25 pm |
| Personal Information (PI) Detection | September 25, 2007, 3:49 pm |
| Working in IS Security - basic information please? | August 6, 2004, 9:05 am |
| Hackers use Google to get private information | May 26, 2006, 1:56 pm |
|
XML site map