Vulnerability Development mailing list archives

RE: Cell phone access to email

From: "Stephen A Santos" <steve () java2000 com>
Date: Wed, 22 Aug 2001 07:26:24 -0500

If it is anything like Nextels system the password information is stored
on their end and authentication is made the same way the system knows
which number goes with which phone.  So yes, anyone with a cloned cell
can get the email.


===================
Stephen A Santos
63 W Fountainhead Dr #107
Westmont, IL 60559
H: 630-241-0493
M: 630-561-9368 

-----Original Message-----
From: David B. Harrison [mailto:hdavid11580 () qwest net] 
Sent: Tuesday, August 21, 2001 11:07 PM
To: vuln-dev () securityfocus com
Subject: Cell phone access to email


I am hoping someone can answer a question for me.  A customer of mine is

testing a new cell phone from Qwest.  It gives them access to cheap cell

phone connection and Internet mail.  The problem is it connects to
exchange 
without a password.  I can see if qwest was the server location and they

were doing a copy of some sort, but the server is behind a firewall from

Qwest yet they are getting email to the phone both external and local.

Any Ideas?
Dave H

Current thread:

Cell phone access to email David B. Harrison (Aug 21)
- BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability acz [iSecureLabs] (Aug 22)
- Re: Cell phone access to email Fred Newtz (Aug 22)
- RE: Cell phone access to email Stephen A Santos (Aug 22)
- Re: Cell phone access to email Robert Freeman (Aug 22)
- <Possible follow-ups>
- RE: Cell phone access to email John Thornton (Aug 22)
- RE: Cell phone access to email David B. Harrison (Aug 22)
  - Re: Cell phone access to email Thor (Aug 22)
- RE: Cell phone access to email David B. Harrison (Aug 26)