WHID 2006-38: Convenience or just bad design?
Altiris seems to have designed their servers so that it is easy to both access their customers upload as well as find out their e-mail addresses.
Additional information:
- Convenience or just bad design? [WebAppSec, Jul 12 2006]
Attack Method:
Incident Outcome: