Re: Computers' Insecure Security - Business Week, 17Jun05

[H D Moore <hdm-daily-dave () digitaloffense net>]

Three vulnerabilities *documented by ISS* maybe:

http://www.osvdb.org/displayvuln.php?osvdb_id=3185
http://www.osvdb.org/displayvuln.php?osvdb_id=3160
http://www.osvdb.org/displayvuln.php?osvdb_id=3149
http://www.osvdb.org/displayvuln.php?osvdb_id=3208
http://www.osvdb.org/displayvuln.php?osvdb_id=3150
http://www.osvdb.org/displayvuln.php?osvdb_id=3207
http://www.osvdb.org/displayvuln.php?osvdb_id=2520
http://www.osvdb.org/displayvuln.php?osvdb_id=3740
http://www.osvdb.org/displayvuln.php?osvdb_id=4072
http://www.osvdb.org/displayvuln.php?osvdb_id=4355
http://www.osvdb.org/displayvuln.php?osvdb_id=5165

This list doesn't include the massive amount of flaws in products like 
SiteProtector (directory traversal in the web interface, tons of 
information disclosure flaws, etc) that just never got posted to BT. 

Someone needs to learn how to count... (or search at least)

-HD

On Sunday 19 June 2005 20:28, Gage wrote:
> ISS has only had three vulnerabilities in its history, but Noonan calls
> it a wake-up call nonetheless. "Less than 1% of our customers were
> compromised, but dealing with that 1% was enormous," he says. "It has
> affected a number of things we do internally." Noonan wouldn't comment
> further about the attack's repercussions, as it's under a company
> investigation.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave