Full Disclosure mailing list archives
Sago Networks allows use of root passwords in clear text channels
From: Scott Edwards <supadupa () gmail com>
Date: Mon, 14 Mar 2005 03:02:55 -0700
Sago Networks [www.sagonet.com], is a hosting provider for dedicated and colocated servers, including other various internet related services. The ticketing system does not collect trouble ticket data over SSL. Furthermore, trouble ticket information requests a root/admin password when working on the server. This password is passed in the clear over plain http (not ssl, eg https enabled). This same root/admin password is also sent to the customer in an email upon opening of the ticket. considering the poor service I've had with this company, nearly since day one, I have little alternative, but to switch providers. Consider this a recommendation to NOT use them if at all possible. Thank you, Scott Edwards -- Daxal Communications - http://www.daxal.com Surf the USA - http://www.surfthe.us _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Sago Networks allows use of root passwords in clear text channels Scott Edwards (Mar 14)
- Re: Sago Networks allows use of root passwords in clear text channels Thorsten Holz (Mar 14)