Vulnerability Development mailing list archives

Re: Cell phone access to email

From: "Fred Newtz" <fbnewtz () houston rr com>
Date: Wed, 22 Aug 2001 01:13:52 -0500

What are you asking here?  Are you asking how it is possible for them to
send email to and from the phone with no password?  That is simple.  I am
sure the password is based on their ESN or something of that sort.  Sounds
like there could be lots of room for some fun with that setup.  Of course,
if you know what you are doing.  Fortunately I do not. :)

Fred
----- Original Message -----
From: "David B. Harrison" <hdavid11580 () qwest net>
To: <vuln-dev () securityfocus com>
Sent: Tuesday, August 21, 2001 11:06 PM
Subject: Cell phone access to email

I am hoping someone can answer a question for me.  A customer of mine is
testing a new cell phone from Qwest.  It gives them access to cheap cell
phone connection and Internet mail.  The problem is it connects to

exchange

without a password.  I can see if qwest was the server location and they
were doing a copy of some sort, but the server is behind a firewall from
Qwest yet they are getting email to the phone both external and local.

Any Ideas?
Dave H

Current thread:

Cell phone access to email David B. Harrison (Aug 21)
- BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability acz [iSecureLabs] (Aug 22)
- Re: Cell phone access to email Fred Newtz (Aug 22)
- RE: Cell phone access to email Stephen A Santos (Aug 22)
- Re: Cell phone access to email Robert Freeman (Aug 22)
- <Possible follow-ups>
- RE: Cell phone access to email John Thornton (Aug 22)
- RE: Cell phone access to email David B. Harrison (Aug 22)
  - Re: Cell phone access to email Thor (Aug 22)
- RE: Cell phone access to email David B. Harrison (Aug 26)