Cisco blunders with insecure web page

• Previous message (by thread): incorrect NXDOMAIN response from DNS server
• Next message (by thread): Cisco blunders with insecure web page
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Cute..like they didn't know any better, sheesh!




>http://www.silicon.com/public/door?6004REQEVENT=&REQINT1=52897&REQSTR1=silicon.com
>
>Wednesday 24th April 2002
>
>Cisco has been forced to close an online registration form after
>neglecting to secure the web page.
>
>The page was part of a marketing programme which offered Cisco's
>second-tier resellers in Europe the chance to increase marketing funds
>if they upped sales of certain Cisco products.
>
>But applicants registering for the programme online discovered their
>banking and company details were going onto an open web page. When one
>irate silicon.com reader called the Cisco helpdesk, he was informed
>that the company was aware of the problem because several other users
>had complained.
>
>Helpdesk staff recommended that users enter fake details on the web
>and forward the real information in the post, a course of action our
>reader regarded as an extreme waste of time.
>
>In a statement, Cisco said it had pulled the registration URL for 48
>hours to install SSL (secure sockets layer) - a common way of securing
>web pages.
>
>A spokesman for the company said: "I can only put it down to an
>unfortunate oversight in corporate procedure&not a great deal of
>people have been affected but that's no excuse."
>
>The registration site had been running for 10 days before it was taken
>down on Monday. Cisco said just 100 people had registered in that
>time.

• Previous message (by thread): incorrect NXDOMAIN response from DNS server
• Next message (by thread): Cisco blunders with insecure web page
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]