Bugtraq mailing list archives
Re: Shopping Carts exposing CC data
From: boo () DATASHOPPER DK (Bo Elkjaer)
Date: Sun, 25 Apr 1999 13:38:43 +0200
Hi Joe Your CC-exposures are gaining momentum. Right now I'm only waiting for the mainstream papers to catch up. I'm a journalist myself, working for one of Denmarks largest newspapers, but my boss don't think this is interesting stuff. Heh. Asshole. Found out some more: Cybercash 2.1.4 - http://www.cybercash.com Platforms: Sparc? Exposed directory: /smps-2.1.4-solaris-sparc/ Exposed orderinfo: Several files, as far as I can see. Many are located in the /db/credit directory. Whats worse: Exposed admin-password and configuration-files: admin.pw and admin.conf. Status: commercial. I seem to remember that Cybercash was mentioned on this list a while ago because of a bug in the debug configuration which meant that you couldn't disable full debugging. Not sure though, and my memory has a record of leakages. Bo Elkjaer, Denmark
Current thread:
- Re: Shopping Carts exposing CC data, (continued)
- Re: Shopping Carts exposing CC data Joe (Apr 23)
- Discus advisory. Elaich Of Hhp (Apr 23)
- Re: Discus advisory. Ian R. Justman (Apr 28)
- Re: Discus advisory. Elaich Of Hhp (Apr 29)
- X-based sniffer-netxmon Zhang Qianli (Apr 29)
- Re: X-based sniffer-netxmon route () RESENTMENT INFONEXUS COM (Apr 29)
- Re: X-based sniffer-netxmon Zhang Qianli (Apr 29)
- Buffer overflow in ftpd and locate bug Sergey V. Kolychev (Apr 30)
- Re: X-based sniffer-netxmon Corey Lindsly (Apr 29)
- Re: Discus advisory. Ian R. Justman (Apr 28)
- Re: Shopping Carts exposing CC data hevnsnt (Apr 23)
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 25)
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 27)