Vulnerability Development mailing list archives
Re: Cell phone access to email
From: Thor () HammerofGod com
Date: Wed, 22 Aug 2001 08:30:56 -0700
Are you saying that they can check email on their phones for accounts that already existed or something? Not new, special accounts for the phones themselves? Your email really doesn't give up too much information... ----- Original Message ----- From: "David B. Harrison" <hdavid11580 () qwest net> To: <steve () java2000 com>; <vuln-dev () securityfocus com> Sent: Wednesday, August 22, 2001 7:11 AM Subject: RE: Cell phone access to email
The problem is that the customer never gave out the passwords and the server is behind a firewall not controlled by Qwest so how do the phones have access to the server for email without ever asking for a password during setup or at time of request? Dave H -----Original Message----- From: Stephen A Santos [SMTP:steve () java2000 com] Sent: Wednesday, August 22, 2001 6:26 AM To: 'David B. Harrison'; vuln-dev () securityfocus com Subject: RE: Cell phone access to email If it is anything like Nextels system the password information is stored on their end and authentication is made the same way the system knows which number goes with which phone. So yes, anyone with a cloned cell can get the email. =================== Stephen A Santos 63 W Fountainhead Dr #107 Westmont, IL 60559 H: 630-241-0493 M: 630-561-9368 -----Original Message----- From: David B. Harrison [mailto:hdavid11580 () qwest net] Sent: Tuesday, August 21, 2001 11:07 PM To: vuln-dev () securityfocus com Subject: Cell phone access to email I am hoping someone can answer a question for me. A customer of mine is testing a new cell phone from Qwest. It gives them access to cheap cell phone connection and Internet mail. The problem is it connects to exchange without a password. I can see if qwest was the server location and they were doing a copy of some sort, but the server is behind a firewall from Qwest yet they are getting email to the phone both external and local. Any Ideas? Dave H
Current thread:
- Cell phone access to email David B. Harrison (Aug 21)
- BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability acz [iSecureLabs] (Aug 22)
- Re: Cell phone access to email Fred Newtz (Aug 22)
- RE: Cell phone access to email Stephen A Santos (Aug 22)
- Re: Cell phone access to email Robert Freeman (Aug 22)
- <Possible follow-ups>
- RE: Cell phone access to email John Thornton (Aug 22)
- RE: Cell phone access to email David B. Harrison (Aug 22)
- Re: Cell phone access to email Thor (Aug 22)
- RE: Cell phone access to email David B. Harrison (Aug 26)