By Robert McMillan
IDG News Service
February 19, 2009
A Romanian hacker who has spent the past few weeks exposing a common,
but dangerous, Web programming error on security vendors Web sites says
he's found a SQL injection flaw on Symantec's Web site. But Symantec
says it's not a security issue.
Still, Symantec was forced to pull down a section of the company's Web
site Thursday after a Romanian hacker, going by the name Unu, claimed
that he'd found the bug in Symantec's Document Download Center, a
password-protected part of the company's site where channel partners can
download sales materials for the company's products.
The site hosts marketing materials and Symantec said that no company or
customer information was exposed.
"Symantec immediately took the site down, conducted comprehensive
testing and determined that the issue is not a security vulnerability,"
the company said in a statement Thursday. "It appears that the
individual who reported it based the report on an error message."
Best Selling Security Books and More!