Today I wanna report an important bug dues to miss configuration system.
The Miss Configuration Bug (MCB) affects the website of the Department of Security and Health, in Malaysia. Up to 200 mails and password are included in this directory listing.
I Know, it’s incredible, lots of mails and lots of password “free” in the net, moreover in a Excel paper…
It’s another example of security evangelist lack.
Related Reading: 1 and 2.
VIA security.my.