Date: Thu, 25 Dec 2008 23:53:56 +0100 (CET) From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> To: Modulok <modulok@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Security Exploits...to report, or not to report? Message-ID: <20081225235257.O6449@wojtek.tensor.gdynia.pl> In-Reply-To: <64c038660812251339r71c0a47dy8cb069a322555eda@mail.gmail.com> References: <64c038660812251339r71c0a47dy8cb069a322555eda@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I was given an FTP account on a server for company X. Being a UNIX > guy, I did some poking around and discovered a security flaw in how > they set their web server up, which would permit anyone at the company > with an FTP account, to intercept ANY data that passed through the > company website. > > Question: > Do I tell them about it? it looks like lack of basic skills of their admin. if you'll tell him, you won't even hear "thanks" or in worst case you will end in court. just make use of it
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081225235257.O6449>