Home page logo

pen-test logo Penetration Testing mailing list archives

Fwd: How to report a Vulnerability to a Company
From: "Adam K" <adamk1 () gmail com>
Date: Mon, 14 Jan 2008 15:37:24 -0600

I have been reading this with interest and was just curious about this
hypothetical situation.  A person goes to use a site and accidentally
hits an incorrect key and is given an error page containing important
information.  At this point would emailing the site owner be an act of
pentesting or simply a user reporting an error ?  Is there a
distinguishable difference ?  (I am taking the assumption the user is
trying to actively use the site, not looking for errors).

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]