Using CSRF to Attack Mobile Phones

To: <full-disclosure@xxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Using CSRF to Attack Mobile Phones
From: "avivra" <avivra@xxxxxxxxx>
Date: Thu, 22 Nov 2007 23:16:13 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:from:to:subject:date:message-id:mime-version:content-type:content-transfer-encoding:x-mailer:thread-index:content-language; bh=WtONWEokwOMmOPFmHOhs8G9L7urEGet2lQcnWzDPcL0=; b=t4/+gYhJ30ju9aDdlAEzsBlL7FjryHNQz48wSTMTwt+Dl28esh4IKqQdhIMgugIbg6fc9ALs5LQ2CJoPr/7iDaIuiYGXdGNvVDWfCz3UTpimfaeHDDF3oK/5P1QzwM7GB53kkzGUROWN63MJiIzp8vVp9r46JYr4NO69W2rb0M0=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:from:to:subject:date:message-id:mime-version:content-type:content-transfer-encoding:x-mailer:thread-index:content-language; b=czYl4TMg0wR7YTwdlQ6vrcAuFgMTSWGo8jsBB5ghCSg6ydOvAjJ6Ls2BTucNYXqIV5aUQ366/0jZtAAxgF7CovgGdNpkhtd5ndT7KZMt+Tuf5jmoi3PyyHieyG9N2TUUTEDvfj4HtU6oZHgQxJdGSX9pizStFu2E1q4YhiaRxIk=
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AcgtTOiWOzlowJE1Q1O9YpXN/hvu3Q==

CSRF can be used to cause denial-of-service attacks against mobile phones by
flooding the phone with SMS and service messages. 
Mobile phone service providers in Israel, and throughout the world, provide
a web interface to send SMS messages. Fortunately, they limit the SMS
sending web interface to 20 messages per day, and they also require the user
to authenticate in order to send an SMS.
Unfortunately, at-least when referring to the Israeli providers, they also
give attackers a way to send endless SMS and service messages without any
kind of authentication and with a simple HTTP request.

More information:
http://aviv.raffon.net/2007/11/22/UsingCSRFToAttackMobilePhones.aspx

Prev by Date: Gadu-Gadu Local/Remote Buffer Overflow vulnerability
Next by Date: [ MDKSA-2007:231 ] - Updated cacti packages fix SQL injection vulnerability
Previous by thread: Re: Re: Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability
Next by thread: [ MDKSA-2007:231 ] - Updated cacti packages fix SQL injection vulnerability
Index(es):
- Date
- Thread