| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 2 02:22:15 2006 From: bugtraq at securescience.net (Lance James) Subject: Re: Fedex Kinkos Smart Card Authentication Bypass Dude VanWinkle wrote: > On 2/28/06, Lance James <bugtraq@...urescience.net> wrote: > >> Eric B wrote: >> >>> Wait, so if I read this right, consumers with existing cards could >>> dupe their legit cards for fake ones and cash in the fake ones yet >>> still have credit on the legit card? >>> >>> So I'm assuming Fedex has no database/authentication system storing >>> these serials...brilliant. >>> >>> >> Yup. >> >> According to Fedex Kinko's: >> "Our analysis shows that the information in the article is inaccurate >> and not based on the way the actual technology and security function. >> Security is a priority to FedEx Kinko's, and we are confident in the >> security of our network in preventing such illegal activity." >> >> Our response: >> >> http://ip.securescience.net/exploits/P1010029.JPG >> > > lol, now thats a funny picture! > > So am I to assume that normally you can go beyond 31337 on a Kinko's > card and this is a modding of the original to produce the displayed > picture? > > The max is $100.00 > -JP > > >
Powered by blists - more mailing lists