Message-ID: <auto-000029611730@mailbe-2.llnl.gov>
Date: Thu, 18 Aug 2005 17:35:02 -0700
From: "Zow" Terry Brugger <zow@...l.gov>
To: "Jay D. Dyson" <jdyson@...achery.net>
Cc: Bugtraq <bugtraq@...urityfocus.com>,
Full-Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Sensitive Information Disclosure Vulnerability in Kinetics Kiosk Product
> Especially considering that the IP address is within a Wells Fargo
> Bank class B netblock. It just gets curiouser and curiouser.

No, that actually explains a lot -- you know how you swipe your credit card
at the kiosk so that it can retrieve your flight information? Well, it needs
to map your CC number to a name, and whether your name is encoded on the mag
stripe or not, it should go back to a bank to retrieve that information. I
bet you one good cup of coffee (offer applies to Jason and Jay only) that
that's why they're connecting to Wells Fargo.

Now then, one could debate the wisdom of transferring this information in the
clear (http as opposed to https). I'm not going to try to connect to the
server myself out of politeness, but I would hope that the connection is
being tunneled through the Internet by a VPN, and that the server is
otherwise inaccessible. If that is the case, I think the debate over whether
it uses a public or private IP is academic.

The potential insecurities in the use of Win/IE for a public kiosk are worth
considering; however, I'm personally more concerned when my pilot tells us
that we're going to be delayed from pushing back for a minute because they
need to do the equivalent of a Control-Alt-Delete to the plane.
Cheers,
Terry
import StandardDisclaimer;
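The argument above (plaintext HTTP carrying card data is a problem unless the path is VPN-tunnelled and the server otherwise unreachable) can be turned into a kiosk egress audit. This is an added example, not code from the poster or from the kiosk vendor; the interface name `tun0`, the RFC1918-only notion of "internal", the ports treated as plaintext, and the sample flows are all assumptions.

```python
# Defender-side audit of kiosk egress flows: untunnelled public destinations,
# plaintext HTTP, and card-number-like data visible on the wire.
import ipaddress
import re
from dataclasses import dataclass

VPN_IFACES = {"tun0"}          # assumption: VPN tunnel interface name
CLEARTEXT_PORTS = {80, 8080}   # assumption: ports treated as plaintext HTTP
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class Flow:
    iface: str      # egress interface the flow left on
    dst_ip: str
    dst_port: int
    payload: str    # application data as seen on the wire ("" if opaque)

def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check: separates card-like numbers from random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def card_like_numbers(text: str) -> list:
    """Return 13-19 digit runs that pass Luhn (a common DLP heuristic)."""
    return [m for m in re.findall(r"(?<!\d)\d{13,19}(?!\d)", text) if luhn_ok(m)]

def is_internal(ip: str) -> bool:
    return any(ipaddress.ip_address(ip) in net for net in INTERNAL_NETS)

def assess(flow: Flow) -> list:
    """Policy findings for one flow; an empty list means acceptable."""
    findings = []
    tunnelled = flow.iface in VPN_IFACES   # payload is opaque on the tunnel
    if not tunnelled and not is_internal(flow.dst_ip):
        findings.append("public-destination-without-vpn")
    if not tunnelled and flow.dst_port in CLEARTEXT_PORTS:
        findings.append("plaintext-http")
    if not tunnelled and flow.dst_port != 443 and card_like_numbers(flow.payload):
        findings.append("card-number-in-clear")
    return findings

# Constructed sample flows (not captured traffic); 4111... is a test PAN.
SAMPLE_FLOWS = [
    Flow("eth0", "203.0.113.10", 80, "POST /lookup pan=4111111111111111"),
    Flow("tun0", "10.20.30.40", 80, "POST /lookup pan=4111111111111111"),
    Flow("eth0", "203.0.113.10", 443, ""),
]

def audit(flows=SAMPLE_FLOWS) -> dict:
    return {f"{f.dst_ip}:{f.dst_port}/{f.iface}": assess(f) for f in flows}
```

The second sample flow is the "tunnelled, private server" case the message calls academic, and the audit correctly reports nothing for it.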