I actually know a few people who go to A&M who discovered similar vulnerabilities. A friend gained access to the Windows LAN Manager passwords and cracked them, getting access to login and passwords of the entire freshman Engineering class. On a separate occasion, he noticed a windows folder share on a server which contained the logs for the Engineering departments student portal. The logs contained every login attempt with the login and password stored in plain text! Not kidding.
So he told the department system admins and they basically shrugged him off.. Maybe now they've learned their lesson?
So he told the department system admins and they basically shrugged him off.. Maybe now they've learned their lesson?