Moreover, he ran it again after reporting it to see if it was still there. Essentially he's doing an unauthorised pen test having alerted them that he'd done one already.
I agree with Benji. Regards Philip Whitehouse On 21 Jan 2013, at 21:10, Benji <[email protected]> wrote: > He found the vulnerability by running Acunetix against the system. He is what > most be would describe as, a class A moron. > > > On Mon, Jan 21, 2013 at 8:43 PM, Frank Bures <[email protected]> > wrote: >> A student has been expelled from Montreal’s Dawson College after he >> discovered a flaw in the computer system used by most Quebec CEGEPs >> (General and Vocational Colleges), one which compromised the security of >> over 250,000 students’ personal information. >> >> Ahmed Al-Khabaz, a 20-year-old computer science student at Dawson and a >> member of the school’s software development club, was working on a mobile >> app to allow students easier access to their college account when he and a >> colleague discovered what he describes as “sloppy coding” in the widely >> used Omnivox software which would allow “anyone with a basic knowledge of >> computers to gain access to the personal information of any student in the >> system, including social insurance number, home address and phone number, >> class schedule, basically all the information the college has on a student.” >> >> http://tinyurl.com/bcdrelh >> >> Cheers >> Frank >> >> -- >> >> <[email protected]> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
