[OWASP-Bangalore] Fwd: Mid-Day Website : Hackable --

Bipin Upadhyay muxical.geek at gmail.com
Thu Jul 29 07:23:36 EDT 2010


It's not actually.
If end-users are in trouble due to  administrator's negligence, it's discretionary to disclose. That's the essence of full-disclosure.
In any case, Raxit's been fairly responsible by not disclosing the details yet.

My $0.02 (sorry, don't have Rupee symbol on my BB yet)

-Bipin.

»»sent from my pwnedBerry®

-----Original Message-----
From: chintan dave <davechintan at gmail.com>
Sender: owasp-bangalore-bounces at lists.owasp.org
Date: Wed, 28 Jul 2010 19:29:44 
To: <owasp-bangalore at lists.owasp.org>
Reply-To: owasp-bangalore at lists.owasp.org
Subject: Re: [OWASP-Bangalore] Fwd: Mid-Day Website : Hackable --

There are tons and tons of websites vulnerable.

If people don't care, what is the point making ruckus about it on the group.
Its a decision they are taking - "not to fix". As long as someone is
understanding the risk and ready to live with that risk, its good
enough :)

On Sat, Jul 24, 2010 at 9:00 PM, Raxit Sheth <raxitsheth2000 at gmail.com> wrote:
> Hey
>
> Anyone is having top level contacts can forward it ? Its home page is open.
> i found this from linkedin, and but none keen to listen.
>
> As it is still open, i dont think it is wise to publish details, however you
> can try its very easy, just 2min it will take.
>
> Raxit Sheth
>
> ---------- Forwarded message ----------
> From: <snipped>
> Date: Sat, Jul 24, 2010 at 2:25 PM
> Subject: Re: Mid-Day Website : Hackable --
> To: Raxit Sheth <raxitsheth2000 at gmail.com>
>
>
> I don't care
>
> On 24 Jul 2010 11:37, "Raxit Sheth" <raxitsheth2000 at gmail.com> wrote:
>
> Hello
>
>
> Looks like Mid-day website is easily hackable.
> Please ask someone who is managing Mid-day website to contact me on 98922
> 38248.
>
>
> Raxit Sheth
>
>
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>



-- 
Regards,
Chintan Dave,

LinkedIn: http://in.linkedin.com/in/chintandave
Blog:http://www.chintandave.com
_______________________________________________
OWASP-Bangalore mailing list
OWASP-Bangalore at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-bangalore


More information about the OWASP-Bangalore mailing list