Bugtraq mailing list archives
DoS attack on AT&T Wireless text-messaging service
From: pgamache () SPSCOMMERCE COM (Peter Gamache)
Date: Wed, 14 Jul 1999 08:10:41 -0500
Recently, I've had the misfortune of having an automated process at work that reports errors to my PCS phone (via email, NxxXxxXxxx () mobile att net) go haywire, and send me a hundred (or so) messages a day. Even better, this happened on the July 4th weekend, so I was stuck with over 300 messages queued to me. After getting sick of repeating the key sequence for "delete all messages" on my Nokia 6160, I gave up, and called AT&T Wireless customer service. Apparently, they've got no way to clear messages from the queue on their side. The first time I asked, they said, "Sure, we'll take care of it." Of course, they didn't. They deleted my voice mailbox (with saved messages in it! Grr!), but it didn't clear the SMS text message queue, which is apparently monaged by a different system. After a second phonecall to get my voicemail re-activated, I went through the hassle of trying to convince the customer support people that A) I didn't want them to erase the text messages that were already on my phone. B) The messages don't just dissapear when someone sends them to you, they are held in a queue somwhere when your phone's memory is filled. (they seem to think that if your memory is full, the new messages get discarded -- which is NOT the case). In short, if you discover someone who has an ATT wireless PCS phone with Tier-2 voicemail (SMS text messaging via an email gateway, such as 612-555-1212 becomes 6125551212 () mobile att net), you can cause an effective denial of service to the poor victim by sending them a few thousand messages, and according to ATT Customer Service, there's no way for them to dequeue the messages... AT&T's official advice is :"Menu -> Messages -> Text -> Erase All -> Security Code -> OK" Repeat, ad nauseam. My fingers are tired. :( - Peter
Current thread:
- aix 4.2 4.3.1, adb GZ Apple (Jul 12)
- Re: aix 4.2 4.3.1, adb Mike Austin (Jul 13)
- Root Perms Gained with Patrol SNMP Agent 3.2 (all others?) Andrew Alness (Jul 13)
- Announcing First Annual ToorCon Ben (Jul 13)
- ircd exploit in ircu based code Kevin Day (Jul 13)
- Re: ircd exploit in ircu based code Kev (Jul 15)
- About IGMP and another exploit for Windows95x/98x Hector Leon (Jul 13)
- credit (was Re: About IGMP and another exploit for Windows95x/98x) Max Vision (Jul 14)
- Re: aix 4.2 4.3.1, adb Troy A. Bollinger (Jul 13)
- DoS attack on AT&T Wireless text-messaging service Peter Gamache (Jul 14)
- BO2K Aleph One (Jul 15)
- <Possible follow-ups>
- Re: aix 4.2 4.3.1, adb Peter.Fredriksson () Skriptor com (Jul 13)
- Re: aix 4.2 4.3.1, adb Troy A. Bollinger (Jul 15)