A Symantec-run website was vulnerable to Blind SQL Injection problems that
reportedly exposes a wealth of potentially sensitive information.

Romanian hacker Unu used off-the-shelf tools (Pangolin and sqlmap) to steal a
glimpse at the database behind Symantec’s Japanese website. A peek at the
Symantec store revealed by the hack appears to show clear-text passwords
associated with customer records. Product keys held on a Symantec server in
Japan were also exposed by the hack.

Оставить мнение

Check Also

Как подчинить белку. Учимся эксплуатировать новую уязвимость в почтовике SquirrelMail

В почтовом сервере SquirrelMail найдена очередная уязвимость, и, хоть баг довольно прост, …