[14989] in bugtraq

Re: Another hole in Cart32

daemon@ATHENA.MIT.EDU (Elias Levy)
Mon May 22 15:44:23 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <20000522123013.A18594@securityfocus.com>
Date:         Mon, 22 May 2000 12:30:13 -0700
Reply-To: aleph1@SECURITYFOCUS.COM
From: Elias Levy <aleph1@SECURITYFOCUS.COM>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <20000522133607.10888.qmail@securityfocus.com>

Notice that this is the same or a similar vulnerability reported
by ISS in their February 1, 200 security alert "Form Tampering Vulnerabilities
in Several Web-Based Shopping Cart Applications", although they don't
give enough details to tell one way or another. In that alert they
mention Cart32 2.6. It seems the vendor has not learned from their
earlier mistake.

--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum