Security Exploits...to report, or not to report?
Wojciech Puchar
wojtek at wojtek.tensor.gdynia.pl
Thu Dec 25 22:54:06 UTC 2008
> I was given an FTP account on a server for company X. Being a UNIX
> guy, I did some poking around and discovered a security flaw in how
> they set their web server up, which would permit anyone at the company
> with an FTP account, to intercept ANY data that passed through the
> company website.
>
> Question:
> Do I tell them about it?
it looks like lack of basic skills of their admin.
if you'll tell him, you won't even hear "thanks" or in worst case you will
end in court.
just make use of it
More information about the freebsd-questions
mailing list