[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [Fwd: [user-support] Req #14348 - {redacted}- Cannot access issue]
Hi everyone,
Got this message from a well known IT organization. What is
particularly interesting is the very last line where they have
attempted to grab cookies from my machine. I would think that
this would be a vector for some sort of exploit, especially if
the exploiter worked at the company and had access to the files
collected for support.
The other point of interest is that my IP address was included in
plain text e-mails. I would think that there would be a better
way to do support tickets. One would not normally think of this
type of ticket as requiring cryptographic protection, I sure
didn't, but it is clear that enough of this type of collection
would make it open to exploitation in some, as yet unknown attack.
What might you suggest?
Allen
-------- Original Message --------
Subject: FW: [user-support] Req #14348 - {redacted} -
Cannot access issue
Date: Tue, 29 Apr 2008 16:18:01 -0400
From: <{redacted}.org>
To: <netsecurity@{redacted}.com>
References:
<4F1DDD1C51793F4EB14A2C692FF934E102FAA255@I{redacted}.org>
Not sure what the issue is with this, but we'll look into it.
Meanwhile, please try this link:
http://www.{redacted}.org/xxx.html
-----Original Message-----
From: {redacted}
Sent: Monday, April 28, 2008 11:42 AM
To: {redacted}
Subject: Fwd: [user-support] Req #14348 - {redacted} -
Cannot access issue
HI,
Here is another subscriber who has a problem with logging in.
{redacted}
----- Forwarded Message -----
From: "Digital Support Web Form" {redacted}
To: "User Support List" <user-support@{redacted}>
Sent: Friday, April 25, 2008 7:03:31 PM (GMT-0500) America/New_York
Subject: [user-support] Req #14348 - {redacted} - Cannot access issue
Digital support request received:
Request #: 14348
Name: {redacted}
Email: netsecurity@{redacted}.com
Phone:
Nature of problem: Cannot access issue
Details:
It keeps looping back to the login page.
(BTW, captchas are *not* at all secure and should be avoided as
they give a false sense of security.)
Full subscriber url: http://www.{redacted}.com/{redacted}/2008spring/
Subscriber ID:
u1: {redacted}
Collection: {redacted}
Collection ID: 6692
Document: {redacted}
Document ID: 29222
Ticket Number: 49072
IP address: {redacted}
Browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Cookies:
_______________________________________________
user-support mailing list
user-support@mailman.texterity.com
http://mailman.texterity.com/mailman/listinfo/user-support
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]