[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] security at .edus

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] security at .edus
From: "Brian Eaton" <eaton.lists@xxxxxxxxx>
Date: Sat, 22 Apr 2006 19:13:48 -0400

On 4/22/06, Sol Invictus <sol@xxxxxxxxxxxxxxxxxxxxx> wrote:
> What you don't realize is that just by posting here that an Educational 
> Institution
> is vulnerable to this,  Some Readers (not me) might already be scanning for
> web vulnerabilities at these sites across the US.

I suspect the anonymous educational institution in question is hardly
the only vulnerable site out there.  Universities tend to be fairly
decentralized places, where academic freedom can count for a lot more
than a secure network.  Plus a university network has fewer secrets to
protect than a business.

One would hope that the registrar's office would be an exception to
the rule, but apparently not.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] security at .edus
  - From: Randal T. Rioux
- Re: [Full-disclosure] security at .edus
  - From: Fixer
- Re: [Full-disclosure] security at .edus
  - From: Gadi Evron

Prev by Date: Re: [Full-disclosure] Who Do I Contact?
Next by Date: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
Previous by thread: Re: [Full-disclosure] Re: Who Do I Contact?
Next by thread: Re: [Full-disclosure] security at .edus
Index(es):
- Date
- Thread