OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Full-disclosure] *******: Multiple Vulnerabilities

From: Kristian Erik Hermansen (kristian.hermansengmail.com)
Date: Fri Mar 20 2009 - 03:34:28 CDT


Bonjour,

During a recent penetration test, we discovered and worked with
******* to close numerous web-based issues. The vendor has not
replied back about a formal release of these issues, so I am posting
this notice here to inform customers to check for an update for their
products. You can contact ******* via the link below.

http://www.*******.com/

Additionally, it is also advised that customers change the default
passwords used by the affected software. For instance, the default
Apache Tomcat administrator account details are listed below and
should probably be added to publicly listed default password databases
(phenoelit, etc).

Vendor: *******
Products: (multiple)
Username: *******
Password: *******123

Cheers,
--
Kristian Erik Hermansen
http://www.linkedin.com/in/kristianerikhermansen

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/