WebApp Sec mailing list archives
RE: Odd things going on at the ChoicePoint Web site
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Tue, 22 Feb 2005 07:59:32 -0500
The one and the same! I spent a couple hours yesterday looking at a half dozen ChoicePoint Web sites and found many problems. They need someone to join this list ASAP. Richard -----Original Message----- From: Jeff Robertson [mailto:Jeff.Robertson () DigitalInsight com] Sent: Tuesday, February 22, 2005 7:48 AM To: 'Daniel'; Richard M. Smith Cc: webappsec () securityfocus com Subject: RE: Odd things going on at the ChoicePoint Web site Is this the same ChoicePoint mentioned in this newspaper article? http://www.11alive.com/news/news_article.aspx?storyid=59302 Jeff Robertson Manager of Web Application Security Digital Insight
-----Original Message----- From: Daniel [mailto:deeper () gmail com] Sent: Monday, February 21, 2005 07:26 To: Richard M. Smith Cc: webappsec () securityfocus com Subject: Re: Odd things going on at the ChoicePoint Web site Whilst the site should be inspecting all input being passed back for execution (i mean we are 2005 now and OWASP has been around for long enough now), it does seem that your quotes are causing issues. On a legal note, if you were based in the UK now, you would have Scotland yards Computer Crime Unit arresting you under section 1 of the computer misuse act :( Have you contacted Checkpoint? On Sun, 20 Feb 2005 20:33:50 -0500, Richard M. Smith <rms () computerbytesman com> wrote:Hi, I just noticed something odd at the ChoicePoint Web site (http://www.choicepoint.com). If I try to search for a double quote character using the little search box at the top of thehome page, I don'tget a search results page and instead the ChoicePointsearch engine returnsa HTTP 500 error code (Internal server error). Is thisbehavior a sign ofbigger problems with the ChoicePoint search engine? Also is there any method of determining who's Web site search engine ChoicePoint is using? The base URL for a search results page is: http://www.choicepoint.com/catalog.nsf/cpsearchresults Thanks, Richard M. Smith http://www.ComputerBytesMan.com
Current thread:
- Odd things going on at the ChoicePoint Web site Richard M. Smith (Feb 21)
- Re: Odd things going on at the ChoicePoint Web site Daniel (Feb 21)
- Re: Odd things going on at the ChoicePoint Web site Bill Pennington (Feb 21)
- <Possible follow-ups>
- RE: Odd things going on at the ChoicePoint Web site Jeff Robertson (Feb 23)
- RE: Odd things going on at the ChoicePoint Web site Richard M. Smith (Feb 23)