Bugtraq mailing list archives
Re: FW: Shopping Carts exposing CC data (fwd from Mountain-Net
From: wdevine () BLUEGATE COM (William Devine II)
Date: Sat, 24 Apr 1999 14:54:40 -0500
Mountain Network Systems (www.mountain-net.com) makers of the WebCart system is a customer of ours. I received email from him after forwarding a copy of the messages on the bugtraq re: webcart. This is a reply I received from him. william Forwarded message:
From support () mountain-net com Sat Apr 24 07:12:51 1999 Date: Sat, 24 Apr 1999 07:11:41 -0500 To: "William Devine, II" <william () crescentcon com> X-UIDL: 924983340.009 From: support () mountain-net com Subject: Re: FW: Shopping Carts exposing CC data Hi William, Can you tell me where the signup is or just post this message. Good Day, We noticed your comment regarding one of our systems. Please be informed that we clearly state in the manuals how to secure your website when using the WebCart(r) system. If the website owner elects not to take these steps information will be exposed. This is not a reflection of the software but the level of protection the website/store owner wants to give their clients. In terms of professional conduct, if you find issues such as these you should contact the store owner and inform them of this. Not post their website to everyone in a mailist. You should also make sure you have all related information prior to making such a bold statement. You have clearly not read or had access to the manuals which describe in detail the steps to take to avoid this issue. Best Regards, Dan At 17:07 4/23/99 -0500, you wrote:-----Original Message----- From: Bugtraq List [mailto:BUGTRAQ () netspace org] On Behalf Of Bo Elkjaer Sent: Friday, April 23, 1999 4:15 PM To: BUGTRAQ () netspace org Subject: Re: Shopping Carts exposing CC data This is my first post to Bugtraq so please bear with me for any errs and/or misconducts. I'd just like to point out, that Webcart is vulnerable too. Here goes: Mountain Network Systems Inc. http://www.mountain-net.com Platform: ? Exposed Directories: /config, /orders (and others. They're all listed in config-file) Exposed Order Info: orders.txt Exposed Config Info: mountain.cfg Number of exposed installs: 18+ at a quick glance. Probably more. PGP Option Available?: Unknown Status: Commercial, ranging from $399 to $4650. Bo Elkjaer, Denmark------------------------------------------------------ Mountain Network Systems, Inc. (281) 373-1196 P.O. Box 1362 Cypress, TX 77429 "Your Internet Programming Source" http://www.mountain-net.com http://www.inet-domains.net http://www.webstores.net ------------------------------ Sales: sales () mountain-net com Support: support () mountain-net com ------------------------------ Specialist in Advanced Internet Systems . . . making your website work for you all day everyday. Economist estimate a $200 billion online market by the year 2000. Now is the time to transform your website into a profit center! ------------------------------------------------------
Current thread:
- Re: FW: Shopping Carts exposing CC data (fwd from Mountain-Net William Devine II (Apr 24)