Bugtraq mailing list archives
Re: Shopping Carts exposing CC data
From: marascio () ECE UTEXAS EDU (Louis R. Marascio)
Date: Tue, 20 Apr 1999 20:18:26 -0500
Mercantec's SoftCart http://www.mercantec.com/ Platform: Win32 (*Nix?) ... Number of exposed installs: 1 PGP Option Available?: Unknown NOTES: This one has only been found vulnerable on ONE server. (user error?)
The
encryption scheme on the storemgr.pw password is unrecognized by me
but
I'm not an encryption guru. Someone's bound to recognize it.
Make that two, I found it located on what appears to be a decently sized regional hardware/computer sales site. Louis -- Louis R. Marascio marascio () ece utexas edu http://www.ece.utexas.edu/~marascio
Current thread:
- Re: Bash Bug, (continued)
- Re: Bash Bug Chet Ramey (Apr 22)
- L0pht Security Advisory: Cold Fusion App Server Weld Pond (Apr 21)
- Re: Plain text passwords--necessary Densin Roy. (Apr 19)
- Re: Plain text passwords--necessary Daniel Alex Finkelstein (Apr 19)
- AOL Instant Messenger URL Crash Adam Brown (Apr 19)
- Re: AOL Instant Messenger URL Crash Daniel Reed (Apr 20)
- Shopping Carts exposing CC data Joe (Apr 19)
- Re: Shopping Carts exposing CC data Joe (Apr 20)
- Outlook 98 allows spoofing internal users Nate Lawson (Apr 20)
- Re: Outlook 98 allows spoofing internal users Peter van Dijk (Apr 25)
- Re: Shopping Carts exposing CC data Louis R. Marascio (Apr 20)
- eBay password stealing with JavaScript Michael K. Sanders (Apr 20)
- Re: eBay password stealing with JavaScript Paul Festa (Apr 21)
- Bug in Linux Mount Jacek Konieczny (Apr 20)
- Re: Bug in Linux Mount Meelis Roos (Apr 20)
- Re: Plain text passwords--necessary Tom Perrine (Apr 20)