Re: Pgp.com was exposing ... information.

From: c c (cesarc56@yahoo.com)
Date: 02/07/02 

Date: Thu, 7 Feb 2002 08:25:50 -0800 (PST)
From: c c <cesarc56@yahoo.com>
To: vuln-dev@securityfocus.com

After the the post i received this e-mail:

-------------------start-------------------
Thank you for bringing this matter to our attention.
The problem has been
corrected.

Web Support
Network Associates
websupport@nai.com
www.nai.com

This e-mail and any files transmitted with it are the
property of
Network Associates and/or its affiliates, are
confidential, and are
intended solely for the use of the individual or
entity to whom this
e-mail is addressed. If you are not one of the named
recipient (s) or
otherwise have reason to believe that you have
received this message in
error, please notify the sender and delete this
message immediately from
your computer. Any other use, retention, dissemination
forwarding, printing
or copying of this e-mail is strictly prohibited.

-----Original Message-----
From: cesarc56@yahoo.com [mailto:cesarc56@yahoo.com]
Sent: Thursday, January 24, 2002 10:49 AM
To: websupport@nai.com
Subject: Error Messages

Response Required? Yes

Phone: 0054 0343 175838551

Problem Area: Error Messages

Problem URL:
http://www.pgp.com/naicommon/partners/tsp-seek/latam/resellers/resellers.a
sp?Country=Argentina')%20union%20select%20'a'--

Referring URL:
http://www.pgp.com/naicommon/partners/tsp-seek/latam/resellers/resellers.asp

Problem Description: The script page refereced in the
Problem url above,
allow sql inyection and cross side scripting, this
could reveal critical
customer and database information. I Hope it's very
Important to fix that
quicly.

Please contact me as soon as possible for details.

Cesar Cerrudo.
Parana, Entre Rios.
Argentina.

-------------------end-------------------
A bit late no?

NAI people don't forget to check this quickly :
Goto :

http://vil.mcafee.com/advsearch.asp

and input in a search field this:

asdf') union all select '1',name from
master..sysdatabases--

and submit!
You will Never learn.

Sorry.

Cesar Cerrudo.

__________________________________________________
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com

Relevant Pages

  • cvsup problems
    ... I get different error messages. ... Detailer failed: Network write failure: Connection closed ... Do you Yahoo!? ...
    (freebsd-questions)
  • ISA 2004 - Microsoft Firewall Event ID 14147
    ... I've been intermittently getting the following error messages several ... times per day since upgrading to DSL several months back. ... ISA Server detected routes through adapter Loopback that do not correlate ... with the network element to which this adapter belongs. ...
    (microsoft.public.windows.server.sbs)
  • Re: LAN Fails
    ... Both computers have Windows XP, ... The latest reinstallation of the network, though, may provide some ... I've gone through the chicagotech link, and the error messages I've ... gotten are different from those in "accesserrors". ...
    (microsoft.public.windowsxp.network_web)
  • Re: Solaris 10 CDE login problem - The DT messaging system could not be started
    ... 4.Check to see any magic cookie related error messages in these ... | This happens when the tool-talk databases get corrupted. ... Look if you have network connectivity on interface pcn0 ... while searching for help on those messages I pulled up lots 'o ...
    (comp.unix.solaris)
  • Re: logging onto my domain
    ... Here are some example error messages that are listed: ... specified domain either does not exist or could not be ... Users and Computers, ... Are you on a wireless network, and if so is the signal ...
    (microsoft.public.windowsxp.security_admin)
Quantcast