nCircle.com >> 360 Security >> The Lens

« The End Of The World (As We Know It) | Main | MDI DSS: The Next Regulatory Front? »

Old Skool is Still Cool

If you ever find yourself wondering if simple directory traversal vulnerabilities are still relevant in this day and age, go read about Fox News. It's unfortunate that we don't know, and probably won't know, how long this condition was present. Was it an initial configuration issue or the result of some update or change?

It's also a reminder why continuous configuration and vulnerability assessments are really a requirement. This condition's presence on the public Internet for even a few minutes presents a significant opportunity for compromise.

*UPDATE*
Apparently, just to make it interesting, the access gained with that user/pass provided 1.5 million names, phone numbers and email addresses.

Posted by Tim Erlin on July 23, 2007 9:27 AM |

TrackBack

TrackBack URL for this entry:
http://blog.ncircle.com/cgi-bin/mt-tb.cgi/233

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on July 23, 2007 9:27 AM.

The previous post in this blog was The End Of The World (As We Know It).

The next post in this blog is MDI DSS: The Next Regulatory Front?.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.35