Full Disclosure mailing list archives

security at .edus

From: "Brian Eaton" <eaton.lists () gmail com>
Date: Sat, 22 Apr 2006 19:13:48 -0400

On 4/22/06, Sol Invictus <sol () haveyoubeentested org> wrote:

What you don't realize is that just by posting here that an Educational Institution
is vulnerable to this,  Some Readers (not me) might already be scanning for
web vulnerabilities at these sites across the US.


I suspect the anonymous educational institution in question is hardly
the only vulnerable site out there.  Universities tend to be fairly
decentralized places, where academic freedom can count for a lot more
than a secure network.  Plus a university network has fewer secrets to
protect than a business.

One would hope that the registrar's office would be an exception to
the rule, but apparently not.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

security at .edus Brian Eaton (Apr 22)
- Re: security at .edus Randal T. Rioux (Apr 22)
  - Re: security at .edus Brian Eaton (Apr 23)
- Re: security at .edus Fixer (Apr 23)
  - Re: security at .edus Dave "No, not that one" Korn (Apr 23)
- Re: security at .edus Gadi Evron (Apr 23)