Some hackers found out that server which are running on older IBM e-commerce software are really vurnerable.
The software I'm talking about is IBM's Net.Commerce and WebSphere Commerce Suite.
What they did? They developed a tool that makes it possible to get usernames and passwords from every account on the system. Well that's quite a bug I would say...
As quite some sites are running on this software, there are quite some sites out there who are really vurnerable.
IBM admitted there's a huge security flaw in their software and they released a patch for it....
Two hackers have published a program that breaks the encryption-protecting passwords on servers running older versions of IBM's e-commerce software, highlighting the possibility that dozens--if not hundreds--of sites have been left open to digital thieves. The flaws affect Version 4.1 of IBM's WebSphere Commerce Suite and version 3.2 of Net.Commerce, Kilroy said in the statement. Users of the latest version of IBM's WebSphere server software are protected, as are people who have installed the fixes recommended by IBM last month. |
Well well seems like the hackers won again in some way.... thousands are working to produce's 'safe" software and it just takes 2 ppl to mess that up.... impressive in some way
Source: ZDNet
