Bugtraq mailing list archives
Web Store EC App Security Analysis
From: fredb () CSE OGI EDU (Fred Bower)
Date: Tue, 27 Apr 1999 21:57:31 +0000
As a follow-on to the numerous reports of EC app security vulnerabilities, I thought that I would add my $.02. I did a (fairly) detailed analysis of WebStore ( http://www.extropia.com/scripts/web_store.html ) and have published my paper at http://www.cse.ogi.edu/~fredb/cse527paper.html for all to read. While WebStore has already been mentioned in a thread here, the detail given was limited. If you desire additional information, my report may be of interest. In addition to the unauthorized access to order information, I found potential denial of service or installation corruption issues that, while not as large a problem as publication of credit card numbers, are still significant problems in the product. fred Fred Bower Standard Disclaimers Apply fredb () cse ogi edu
Current thread:
- Web Store EC App Security Analysis Fred Bower (Apr 27)