CNET reports that two hackers have published a program that can break the encryption used by "version 4.1 of IBM's WebSphere Commerce Suite and version 3.2 of Net.Commerce". IBM has a fix for the problem. If you are running those servers you should apply the fixes quickly before the script kiddies get their hands on this tool.
Read article Here
-
WebSphere Commerce Suite Hacked (2 messages)
- Posted by: Ed Saikali
- Posted on: March 08 2001 23:50 EST
Threaded Messages (2)
- WebSphere Commerce Suite Hacked by Patrick Martin on March 10 2001 12:59 EST
- WebSphere Commerce Suite Hacked by Billy Newport on March 11 2001 17:56 EST
-
WebSphere Commerce Suite Hacked[ Go to top ]
- Posted by: Patrick Martin
- Posted on: March 10 2001 12:59 EST
- in response to Ed Saikali
When I first read this I thought that it'd erode my confidence in WebSphere. When I thought it through, the whole story really speaks well of IBM. An exploit was found and IBM responded very quickly and patched the hole.
-
WebSphere Commerce Suite Hacked[ Go to top ]
- Posted by: Billy Newport
- Posted on: March 11 2001 17:56 EST
- in response to Patrick Martin
I'm not defending them but this isn't about WebSphere Application Server, its the older products they had.
Not that WebSphere Advanced is perfect either... But, this is an old problem that I first saw reported by Internet World about a month ago and besides, IBM had already issued a fix prior to this but some customers did not apply it and were therefore still vulnerable.