Re: myvoicestream.com vulnerability

From: Scott Dier (diemanat_private)
Date: Wed Jan 09 2002 - 19:06:34 PST


    * Trey Valenta <treyat_private> [020109 18:35]:
    > myvoicestream.com allows VoiceStream Wireless customers to manage their
    > phones and billing accounts over SSL. Access controls to sessions are
    
    You missed the worst of it:
    
    If you go to the 'update profile' page and view source, you can see the
    currently set password.  (Web authors: please stop doing this, please
    leave those blank, please require reauthentication when resetting
    passwords.  I've found another site today apart from that that I just
    notified the vendor of...)
    
    Thus: you can hijack a session and gain a potentially re-used common
    password and compromise a person's other accounts with that gained
    information.
    
    -- 
    Scott Dier <diemanat_private> http://www.ringworld.org/
    
    the desire for space travel is a metaphor for escape
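
The advice in the message above (leave password fields blank, require reauthentication before a password change), as an added example that is not part of the original post. The form field names, the `/profile` action and the in-memory user record are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from html import escape


def _kdf(password: str, salt: bytes) -> bytes:
    # Only a salted scrypt hash is stored, so there is no plaintext to echo back.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def new_user(email: str, password: str) -> dict:
    # Hypothetical in-memory record standing in for a database row.
    salt = os.urandom(16)
    return {"email": email, "salt": salt, "pw_hash": _kdf(password, salt)}


def verify_password(user: dict, candidate: str) -> bool:
    return hmac.compare_digest(user["pw_hash"], _kdf(candidate, user["salt"]))


def render_profile_form(user: dict) -> str:
    # Non-secret fields are pre-filled; password inputs carry no value attribute,
    # so "view source" on a hijacked session reveals no credential.
    return (
        '<form method="post" action="/profile">\n'
        f'  <input name="email" value="{escape(user["email"], quote=True)}">\n'
        '  <input type="password" name="current_password">\n'
        '  <input type="password" name="new_password">\n'
        "</form>"
    )


def change_password(user: dict, current_password: str, new_password: str) -> bool:
    # Reauthentication: a valid session alone is not enough to set a new password.
    if not verify_password(user, current_password):
        return False
    user["salt"] = os.urandom(16)
    user["pw_hash"] = _kdf(new_password, user["salt"])
    return True


if __name__ == "__main__":
    u = new_user("user@example.com", "constructed-old-pw")  # constructed sample data
    print(render_profile_form(u))
    print(change_password(u, "wrong-guess", "constructed-new-pw"))
    print(change_password(u, "constructed-old-pw", "constructed-new-pw"))
```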
    
    
    



    This archive was generated by hypermail 2b30 : Wed Jan 09 2002 - 20:09:34 PST