Educause Security Discussion mailing list archives
Re: Vulnerability? Or...not so much?
From: Charles Buchholtz <chip+educause () SEAS UPENN EDU>
Date: Sat, 3 Apr 2010 23:32:49 -0400
On Sat, Apr 03, 2010 at 10:59:23PM -0400, Jason Testart wrote:
If your pentest discovered this, then I would think a real BadGuy could discover it too.
White box or black box pentest? If it was a white box pentest it might have flagged a "document available with no password protection" when the URI was acting as the username/password. If it was black box pen testing, then I agree! --- Chip Charles H. Buchholtz Director of Systems Programming chip () seas upenn edu School of Engineering and Applied Science http://www.seas.upenn.edu/~chip University of Pennsylvania
Current thread:
- Vulnerability? Or...not so much? David Shettler (Apr 03)
- <Possible follow-ups>
- Re: Vulnerability? Or...not so much? Jason Testart (Apr 03)
- Re: Vulnerability? Or...not so much? David Shettler (Apr 03)
- Re: Vulnerability? Or...not so much? Charles Buchholtz (Apr 03)
- Re: Vulnerability? Or...not so much? Charles Buchholtz (Apr 03)
- Re: Vulnerability? Or...not so much? Matthew Wollenweber (Apr 03)
- Re: Vulnerability? Or...not so much? Gibson, Nathan J. (HSC) (Apr 03)
- Re: Vulnerability? Or...not so much? Dexter Caldwell (Apr 03)
- Re: Vulnerability? Or...not so much? David Shettler (Apr 03)
- Re: Vulnerability? Or...not so much? Steve Werby (Apr 04)
- Re: Vulnerability? Or...not so much? SCHALIP, MICHAEL (Apr 04)
- Re: Vulnerability? Or...not so much? Vik Solem (Apr 05)