[Owasp-Malaysia] telco info leak via web app?

Mohd Fazli Azran mfazliazran at gmail.com
Wed Oct 6 00:01:28 EDT 2010


It happen regular not Maxis but other also. After upgrade they test at
public. Suppose before the up to the public they must test internal and just
open to their staff. But when open to the public it will cause big impact if
the application going trouble. After i get this email i just test to login
my old account. Erkssss...

Now Maxis really really big trouble after my old number i can login
ahaks..... i think my number already deactivated and my SIM card are not
active.. But at web online i can used it. Already email to maxis helpline
and ask to disable it. Haiya. Surprise why Maxis just like that.... just!!!

Business is business :P

On Wed, Oct 6, 2010 at 11:27 AM, James Tan <jameztcc at gmail.com> wrote:

> Hi,
>
> saw this in a tech feed.... ...
>
> http://arsyan.com/blog/2010/10/04/maxis-billing-system-bug/
> was read from:
> http://www.lowyat.net/v2/bugged-maxis-online-account-system-shows-others-personal-info-2.html
>
> Anyone with Maxis account could figure out what's the likely cause?
>
>
> thanks,
> James Tan
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101006/391dc8a4/attachment-0001.html 


More information about the Owasp-Malaysia mailing list