Re: [Full-disclosure] CCBILL.COM Internet billing service multiple vulnerabilities



"It is very easy to reach our Information Security team at security@xxxxxxxxxx <mailto:security@xxxxxxxxxx>."

Please show at least 1 page where this e-mail is written !

Great that you are not using 23214dasdawkdjA@xxxxxxxxxx :) we could guess security@xxxxxxxxxx <mailto:security@xxxxxxxxxx>...

So what about those addresses ?
support@xxxxxxxxxx and clientsupport@xxxxxxxxxx

All e-mails from us were read - we have confirmation so ????

regards,

AS TEAM

W dniu 2010-08-17 05:52, William Bell pisze:

At CCBill we take web application security very seriously. I can assure you that no one in this organization received any type of disclosure prior to the posting of the vulnerability to this list. It is very easy to reach our Information Security team at security@xxxxxxxxxx <mailto:security@xxxxxxxxxx>. We are working hard to identify the issue in question and a post will be made here once it is resolved. I ask that the researcher from ariko-security.com please contact us at the email provided.

William Bell

Director of Information Security

CCBill.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


--
Ariko-Secuirty
Rynek G?ówny 12
32-600 Os'wie;cim
tel:. +48 33 4741511 mobile: +48 784086818

Ariko-Security Sp. z o.o. z siedziba; w Os'wie;cimiu , zarejestrowana przez Sa;d Rejonowy dla m. Krakowa-S'ródmies'cia, XII Wydzia? Gospodarczy Krajowego Rejestru Sa;dowego, KRS: 00000358273, NIP: 549-239-90-67, REGON 121262172

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] Another 0day to sell.
    ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ... Igor Marcel - Vugo Verbal Killer (VUGO) ... H2G-Labs Information Security - Information Security Consultant ...
    (Full-Disclosure)
  • Re: [Full-disclosure] NT4 worm
    ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ... University of Pennsylvania Information Security ... Penn Information Security RSS feed ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
    ... the hacker used a previously hacked developer's account and he used the fresh kernel bug to escalate to root privilege probably because he had no access from the developer's account.. ... Curious why Secunia is rating this as 'less critical'. ... Information Security Specialist University of Pennsylvania Information Security ...
    (Full-Disclosure)
  • Re: [Full-disclosure] OpenBSD IPSEC has backdoor
    ... Bonsai Information Security Project Leader ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE
    ... Curious why Secunia is rating this as 'less critical'. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... University of Pennsylvania Information Security ... Penn Information Security RSS feed ...
    (Full-Disclosure)