Loading ...

According to the notice on the site Vulnerability Lab, the airline closed the security vulnerabilities in its web-site.

As we learned from security bulletin site vulnerability-lab.com, on the official web-site of the airport in Duesseldorf was closed a number of dangerous vulnerabilities. As specified in the Vulnerability Lab, several SQL injection vulnerabilities that allowed an attacker to potentially gain access to the database was closed in December 2011.

It should be noted that this database contains personal data of customers, as well as data service Airliner Lounge, accessible only to employees. In addition, as reported h-online.com, underlying vulnerability allowed an attacker to gain remote access to a specific list of vip-clients, credit card data, lists of passengers and the root password server.

These holes contained in web-applications that are relevant to the portal gallery, shops and review areas of pressing the interactive key.Representatives of the Vulnerability Lab also noted that they had notified the administration about the dangers of the portal in April of last year.”Unfortunately we have not received any response. During the audit, we found that the vulnerability was eliminated a few weeks ago “- said a security expert Ben Koontz.