I wrote:

> The webmail service from BT Cellnet's Genie site appears to have a vulnerability
> which allows any user to read messages irrespective of their intended
> recipient. Once logged in, other messages can be retrieved by merely
> changing the message-id in the URL for your own messages.

Engaging brain and writing this a little more clearly...

The Web server logs all SMS messages sent from the site to a mobile phone. The log is displayed once a Genie user has sent an SMS message, which requires authentication. By selecting a message sent by themselves, it's then possible to modify the URL used to retrieve your own message to read other messages sent via the service.

James.

--
"Yield to temptation --          | Consultancy: jamesat_private
it may not pass your way again"  | http://www.cloud9.co.uk/james
| - Lazarus Long                 | James Fidell
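The flaw described in the message above, as an added example that is not part of the original post and is not Genie's code: a lookup that checks login only, the same lookup with an ownership check, and a log check for requests for another sender's message id. All account names, message ids, phone numbers and function names are constructed for illustration.

```python
# Constructed sample data: the server-side log of SMS messages sent from the site.
SMS_LOG = {
    1001: {"sender": "alice", "to": "+447700900001", "text": "Running late"},
    1002: {"sender": "bob", "to": "+447700900002", "text": "Door code 4821"},
    1003: {"sender": "alice", "to": "+447700900003", "text": "Call me"},
}

class LoginRequired(Exception):
    pass

class NotFound(Exception):
    pass

def get_message_unchecked(session_user, message_id):
    """Flawed pattern: authentication only, the id from the URL is trusted."""
    if session_user is None:
        raise LoginRequired()
    if message_id not in SMS_LOG:
        raise NotFound()
    return SMS_LOG[message_id]

def get_message_checked(session_user, message_id):
    """Hardened pattern: the record must belong to the logged-in account."""
    if session_user is None:
        raise LoginRequired()
    msg = SMS_LOG.get(message_id)
    # Same error for "no such id" and "not yours", so ids cannot be enumerated.
    if msg is None or msg["sender"] != session_user:
        raise NotFound()
    return msg

def foreign_requests(access_log):
    """Detection: per user, the ids requested that belong to another sender."""
    hits = {}
    for user, message_id in access_log:
        msg = SMS_LOG.get(message_id)
        if msg is not None and msg["sender"] != user:
            hits.setdefault(user, []).append(message_id)
    return hits

# Constructed access log: (logged-in user, message id taken from the URL).
ACCESS_LOG = [("alice", 1001), ("alice", 1002), ("bob", 1002), ("bob", 1003)]

if __name__ == "__main__":
    print(get_message_unchecked("alice", 1002)["sender"])  # another user's record
    print(foreign_requests(ACCESS_LOG))
```
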
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:04:21 PDT