RE: Informing Companies about security vulnerabilities...

From: Michael Scheidell (scheidell@secnap.net)
Date: Thu Oct 05 2006 - 02:11:16 EDT


> -----Original Message-----
> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of Joseph McCray
> Sent: Wednesday, October 04, 2006 3:07 AM
> To: pen-test@securityfocus.com
> Subject: Informing Companies about security vulnerabilities...
>
>
> This probably won't sound like that big of a deal, but it
> still bothered me so I figured I'd ask the list. I was
> teaching a Web Application Security class last week and we
> were performing simple XXS, SQL Injection, etc on the
> vulnerable web apps I use for class.
>

So, what's the pool up to now? I have $50 on two weeks before the FBI
closes down the school, takes all the computers in the school, executes
a search warrant for every students computer, and the bright boy
teaching the class spends thousands of dollars trying to explain to a
Judge (that reads the newspaper about hacks on banks) that what he did
was not hacking.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:06 EDT