Dailydave mailing list archives
Re: Computers' Insecure Security - Business Week, 17Jun05
From: H D Moore <hdm-daily-dave () digitaloffense net>
Date: Mon, 20 Jun 2005 00:40:01 -0500
Three vulnerabilities *documented by ISS* maybe: http://www.osvdb.org/displayvuln.php?osvdb_id=3185 http://www.osvdb.org/displayvuln.php?osvdb_id=3160 http://www.osvdb.org/displayvuln.php?osvdb_id=3149 http://www.osvdb.org/displayvuln.php?osvdb_id=3208 http://www.osvdb.org/displayvuln.php?osvdb_id=3150 http://www.osvdb.org/displayvuln.php?osvdb_id=3207 http://www.osvdb.org/displayvuln.php?osvdb_id=2520 http://www.osvdb.org/displayvuln.php?osvdb_id=3740 http://www.osvdb.org/displayvuln.php?osvdb_id=4072 http://www.osvdb.org/displayvuln.php?osvdb_id=4355 http://www.osvdb.org/displayvuln.php?osvdb_id=5165 This list doesn't include the massive amount of flaws in products like SiteProtector (directory traversal in the web interface, tons of information disclosure flaws, etc) that just never got posted to BT. Someone needs to learn how to count... (or search at least) -HD On Sunday 19 June 2005 20:28, Gage wrote:
ISS has only had three vulnerabilities in its history, but Noonan calls it a wake-up call nonetheless. "Less than 1% of our customers were compromised, but dealing with that 1% was enormous," he says. "It has affected a number of things we do internally." Noonan wouldn't comment further about the attack's repercussions, as it's under a company investigation.
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Computers' Insecure Security - Business Week, 17Jun05 Gage (Jun 19)
- Re: Computers' Insecure Security - Business Week, 17Jun05 H D Moore (Jun 19)
- Re: Computers' Insecure Security - Business Week, 17Jun05 Rodney Thayer (Jun 20)
- Re: Computers' Insecure Security - Business Week, 17Jun05 Andrew R. Reiter (Jun 20)
- <Possible follow-ups>
- Re: Computers' Insecure Security - Business Week, 17Jun05 Steve Manzuik (Jun 20)
- Re: Computers' Insecure Security - Business Week, 17Jun05 Steve Manzuik (Jun 20)