[Owasp-Malaysia] telco info leak via web app?
Hazrul Hamzah
hazrul at hazrulnz.net
Wed Oct 6 03:09:33 EDT 2010
Bro,
Did u notify Maxis? If yes what are their response?
On 06/10/2010 14:27, Hasanuddin Abu Bakar wrote:
> Their RADIUS internet/3g billing system also get compromised. I am not
> revealing the vulnerabilities to public because it can cause a large
> damage to their system, financially. I am also a Maxis customer and
> this is not a small deal.
>
>
>
> On Wed, Oct 6, 2010 at 12:01 PM, Mohd Fazli Azran
> <mfazliazran at gmail.com <mailto:mfazliazran at gmail.com>> wrote:
>
> It happen regular not Maxis but other also. After upgrade they
> test at public. Suppose before the up to the public they must test
> internal and just open to their staff. But when open to the public
> it will cause big impact if the application going trouble. After i
> get this email i just test to login my old account. Erkssss...
>
> Now Maxis really really big trouble after my old number i can
> login ahaks..... i think my number already deactivated and my SIM
> card are not active.. But at web online i can used it. Already
> email to maxis helpline and ask to disable it. Haiya. Surprise why
> Maxis just like that.... just!!!
>
> Business is business :P
>
> On Wed, Oct 6, 2010 at 11:27 AM, James Tan <jameztcc at gmail.com
> <mailto:jameztcc at gmail.com>> wrote:
>
> Hi,
>
> saw this in a tech feed.... ...
>
> http://arsyan.com/blog/2010/10/04/maxis-billing-system-bug/
> was read
> from: http://www.lowyat.net/v2/bugged-maxis-online-account-system-shows-others-personal-info-2.html
>
> Anyone with Maxis account could figure out what's the likely
> cause?
>
>
> thanks,
> James Tan
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> <mailto:Owasp-Malaysia at lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org <mailto:Owasp-Malaysia at lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
>
> --
> Hasanuddin Abu Bakar
> GSEC #28858
> IT Security Engineer
> +6017 913 1983
>
> Sigma Rectrix Systems (M) Sdn Bhd
> No.15 & 15-1, Jalan Equine 9A,
> Equine Park, Bandar Putra Permai
> 43300 Seri Kembangan Selangor
> URL : www.sigmarectrix.com <http://www.sigmarectrix.com>
>
> Phone : 03-89486696
> Fax : 03-89487796
> Helpdesk : 03-89486596
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101006/09c82697/attachment.html
More information about the Owasp-Malaysia
mailing list