[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [Fwd: [user-support] Req #14348 - {redacted}- Cannot access issue]
Hi everyone, Got this message from a well known IT organization. What is particularly interesting is the very last line where they have attempted to grab cookies from my machine. I would think that this would be a vector for some sort of exploit, especially if the exploiter worked at the company and had access to the files collected for support. The other point of interest is that my IP address was included in plain text e-mails. I would think that there would be a better way to do support tickets. One would not normally think of this type of ticket as requiring cryptographic protection, I sure didn't, but it is clear that enough of this type of collection would make it open to exploitation in some, as yet unknown attack. What might you suggest? Allen -------- Original Message -------- Subject: FW: [user-support] Req #14348 - {redacted} - Cannot access issue Date: Tue, 29 Apr 2008 16:18:01 -0400 From: <{redacted}.org> To: <netsecurity@{redacted}.com> References: <4F1DDD1C51793F4EB14A2C692FF934E102FAA255@I{redacted}.org> Not sure what the issue is with this, but we'll look into it. Meanwhile, please try this link: http://www.{redacted}.org/xxx.html -----Original Message----- From: {redacted} Sent: Monday, April 28, 2008 11:42 AM To: {redacted} Subject: Fwd: [user-support] Req #14348 - {redacted} - Cannot access issue HI, Here is another subscriber who has a problem with logging in. {redacted} ----- Forwarded Message ----- From: "Digital Support Web Form" {redacted} To: "User Support List" <user-support@{redacted}> Sent: Friday, April 25, 2008 7:03:31 PM (GMT-0500) America/New_York Subject: [user-support] Req #14348 - {redacted} - Cannot access issue Digital support request received: Request #: 14348 Name: {redacted} Email: netsecurity@{redacted}.com Phone: Nature of problem: Cannot access issue Details: It keeps looping back to the login page. (BTW, captchas are *not* at all secure and should be avoided as they give a false sense of security.) Full subscriber url: http://www.{redacted}.com/{redacted}/2008spring/ Subscriber ID: u1: {redacted} Collection: {redacted} Collection ID: 6692 Document: {redacted} Document ID: 29222 Ticket Number: 49072 IP address: {redacted} Browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14 Cookies: _______________________________________________ user-support mailing list user-support@mailman.texterity.com http://mailman.texterity.com/mailman/listinfo/user-support
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]