Open Source and information security mailing list archives
Message-ID: <4B7ECA46.1080702@the-hacker.info>
Date: Fri, 19 Feb 2010 18:28:38 +0100
From: the hacker <info@...-hacker.info>
To: full-disclosure@...ts.grok.org.uk
Subject: ACM.ORG website has serious data leak again

A serious data leak has been found on acm.org - full member information 
including postal address and mail address can be extracted from the website.

In addition to that, the data can also be modified.

acm.org CEO John White was informed more than 24 hours ago via 
email about this problem, but there was no reaction at all from acm.org 
(the reception of the email was confirmed by the hacker calling Mr. White 
and asking if he got the mail... he said it was forwarded to the IS 
director...); they did not even ask where/what exactly the problem is.

The hacker has extracted several thousand datasets from the website as a 
proof of concept.

So if you are an ACM member, your data might be available to everyone - 
let Mr. White know what you think of this: white@....org

Follow the development on www.the-hacker-news.com or 
www.twitter.com/_the_hacker_

Screenshots & details will follow once ACM has closed the hole (if they 
ever will...)

TH

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/