Professional Webmasters Community

Cofidis.es could see their data compromised


Post by andry, Wed Oct 06, 2010 5:22 am


###########################################
Cofidis.es could see their data compromised
Vendor: www.cofidis.es
Flaw: critical credentials exposed
Updated: 13-02-2010
###########################################
 
Cofidis is a company formed by several credit groups,
bringing together different services within the
panorama of global finance.

The definition as we read it on their website:
"We are European leaders in credit over the phone:
we have more than 8 million customers. In Spain,
we have over 15 years' experience and a team of
more than 800 employees."

Cofidis.es could be affected by a flaw through which
third parties may have had access to personal data,
having left the access credentials to the portal root
exposed and likewise having left open the access
credentials to the portal's database.

To get an idea of what kind of data may have been
seen or "stolen" by others, we need only look at one of
the credit application forms and the data it asks for,
to see what type of data the database could contain.
https://www.espaciocliente.cofidis.es/Cofidis/preapproved/PreApproveContractDisplayAction.do

This news came to me after seeing a post on Twitter
which gave a URL on the Cofidis.es portal giving access
to a txt file without any protection, and which contained
the credentials mentioned above.

After seeing this, and talking with some of the
group members for discussion and research, we decided
to look at when this could have occurred and the
possible origin of the news. Doing a quick search
in the common search engines
##################
Update
##################

apparently the first news about
this could be a post on a blog which talks about it
without disclosing the direct address.
The Twitter post could have got the
information for its post from there.

The post is dated 11/10/2009.

http://86400.es/2009/10/11/the-safety-of-the-to-manage-our-money/

#################################

We arrived at a post on Twitter dated 10/12/2009.

And one a day later, on 10/13/2009.

And another on 10/13/2009.



On 14/10/2009, in the afternoon, the txt that contained these
credentials was pulled from the cofidis.es portal root.
Thus we may think that data this sensitive
could have been available worldwide for at
least three days.

Google shows in its cache an image of this document,
dated 10/13/2009, showing the credentials.

http://209.85.229.132/search?q=cache:nrpZAY7spqYJ:www.cofidis.es/xxxxx.txt+http://www.cofidis.es/xxxx.txt&cd=8&hl=es&ct=clnk&gl=es



But this would only be the date on which Google took that snapshot
of the document; it may have replaced an earlier one.
The Cofidis server logs should show when the Google
spider was first able to crawl the txt.

Likewise, if you do a Google search for the txt file,
among the first results it can be seen that Google also
reveals those credentials; it would remain to know when
that file was included in the index, to try to find out
from what date this situation could have arisen.

http://www.google.es/search?q=cofidis.txt



How could an administrator deliberately leave a file with
sensitive information in view of any visitor,
more than one will wonder.

Surely the admin knew nothing about the existence of such a
file (or so we think, or want to believe); it had to be a hack.
Judging by the type of file generated and the data it
contained, there could have been a web security hole
through which the attacker was able to include
some external file
(this vulnerability is known as RFI, or remote file include),
since some scripts that run over the network
do just that, and looking at their source it can be seen that
they simply take the data of the machine or inject a
PHP shell.

I think Cofidis should explain this fact, and it should
also explain how this event affects Cofidis
under the Data Protection Act
and what data has been compromised; not on my account, since luckily,
as far as I know, I am not in their database, having never
needed their services.

From the Lostmon research and development
group we want to appeal to companies like
Cofidis and others who work with personal data
this sensitive and confidential: they should invest
part of their profits to ensure that these data are not
accessible, and should do everything possible to protect them, as
the Data Protection Act requires.

It is true that in security nothing is certain, or that
the nice thing about security is the uncertainty it brings
with it. And it is true that however much managers
place emphasis and commitment on securing services and systems,
there are always people who go ahead of them.
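The post argues that the server logs, not the Google cache date, establish when the exposed txt was first crawled and for how long it was served. The following is an added example (not part of the post or of Lostmon's work) that does that check over constructed Apache combined-format log lines; the IPs, timestamps and file path are hypothetical sample data.

```python
import re
from datetime import datetime

# Constructed sample of Apache "combined" log lines (hypothetical, not real Cofidis logs).
SAMPLE_LOG = """\
203.0.113.7 - - [09/Oct/2009:22:14:03 +0200] "GET /index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
66.249.65.10 - - [10/Oct/2009:03:41:55 +0200] "GET /xxxxx.txt HTTP/1.1" 200 211 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
198.51.100.4 - - [12/Oct/2009:18:02:10 +0200] "GET /xxxxx.txt HTTP/1.1" 200 211 "http://twitter.com/" "Mozilla/5.0"
66.249.65.10 - - [13/Oct/2009:05:12:40 +0200] "GET /xxxxx.txt HTTP/1.1" 200 211 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
203.0.113.9 - - [14/Oct/2009:16:30:01 +0200] "GET /xxxxx.txt HTTP/1.1" 404 198 "-" "curl/7.19"
"""

# Apache combined log format: ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def parse_log(text):
    """Yield one dict per line that matches the combined format; skip anything else."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
            rec["status"] = int(rec["status"])
            yield rec


def exposure_window(text, path, crawler="Googlebot"):
    """Summarise when `path` was actually served (2xx) and who fetched it.

    Returns None if the file was never served successfully, so a 404 after
    removal does not count as exposure.
    """
    hits = [r for r in parse_log(text) if r["path"] == path and 200 <= r["status"] < 300]
    if not hits:
        return None
    hits.sort(key=lambda r: r["ts"])
    crawler_hits = [r for r in hits if crawler in r["ua"]]
    return {
        "first_served": hits[0]["ts"],       # earliest successful fetch of the file
        "first_crawled": crawler_hits[0]["ts"] if crawler_hits else None,
        "last_served": hits[-1]["ts"],       # last time it was still available
        "days_exposed": (hits[-1]["ts"] - hits[0]["ts"]).days,
        "distinct_ips": sorted({r["ip"] for r in hits}),
    }


if __name__ == "__main__":
    print(exposure_window(SAMPLE_LOG, "/xxxxx.txt"))
```

On the sample data the first successful fetch is the crawler's, a day and a half before the Twitter-referred visit, which is exactly the gap between the cache date and the real exposure start that the post points at.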