Home page logo
/

bugtraq logo Bugtraq mailing list archives

Sprint PCS vulnerable to malicious tags
From: shrub () YAHOO COM (Paul Schreiber)
Date: Fri, 4 Feb 2000 19:22:31 -0000


I'm sure you're all familiar with the CERT advisory:
  http://www.cert.org/advisories/CA-2000-02.html

Sprint PCS's web site is vulnerable to this flaw. Any text
you enter into the customer care area is subsequently
displayed verbatim on a web page:
  https://www.sprintpcs.com/manage/myaccount.asp

To access that page, you must have a sprint PCS account and
password. As soon as you post your question, it will appear
in your case history -- HTML and all.

At this point in time, it is unclear whether Sprint PCS
customer service representatives use a web browser to
respond to these questions. If this is the case, clever
hackers could exploit this vulnerability to gain sensitive
information about Sprint PCS, possibly including
confidential customer information.

There is a similar form for non-customers at:
  https://www.sprintpcs.com/learn/form_public_question.asp

You don't get to see the results yourself, but, again, if
Sprint PCS reps use a web browser, their systems could be
compromised.

Paul


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]