[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [lists] [Full-Disclosure] Credit Card data disclosure in CitrusDB
- To: "'Maximillian Dornseif'" <dornseif@xxxxxxxxxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [lists] [Full-Disclosure] Credit Card data disclosure in CitrusDB
- From: "Curt Purdy" <purdy@xxxxxxxxxx>
- Date: Sun, 13 Feb 2005 06:37:38 -0600
Maximillian Dornseif wrote:
> A group of students at our lab called RedTeam found an
> information disclosure vulnerability in CitrusDB which can
> result in disclosure of credit card information.
<snip>
Nice job. Congrats to your students.
Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA
Information Security Engineer
DP Solutions
-----------------------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html