| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTinKy8UsAkPd0gg5UoSESdfeNE8bhjAA-OepKO1Q@mail.gmail.com> Date: Sun, 29 Aug 2010 21:09:50 +0200 From: "xufi ." <xufxuf@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Orange Spain disclosing user phone number Hi, Doing an assessment on mobile GWs I found that Orange Spain is adding the user MSISDN in any HTTP request sent in it´s network. That means that is really simple to get the user phone number from a Orange Spain user. On one hand, I saw that Orange Spain uses the header x-up-calling-line-id to add a user temporary ID that changes every 24h but I also found that in any HTTP request they will add the user phone number in the header X-Network-info. In particular the HTTP header looks like as follow: X-Network-info: CSD,34xxxxxxxxx,unsecured where xxxxxxxxx is the user MSISDN I notified Orange Spain more than a month ago regarding the misconfiguration and its effects on their own customers but unfortunately they just ignored it. If you are a user of Orange Spain have in mind that every web site you access with your mobile phone will get your phone number. I posted more details in http://certificateerror.blogspot.com/2010/08/orange-spain-disclosing-user-phone.html @xuf_ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists