Forgot your password?
typodupeerror
Security

+ - cingular voicemail hack

Submitted by
gomez
gomez writes "i have no idea where to let people know about this. but i'm loyal to slashhdot so why not here?

i'm an admin for a call center and i was messing around with caller id the other day. i remember dialing voicemail by pressing 1 on my cingular cell phone and getting straight in w/ out a verification of password. well i thought, what if i can change my outbound ISDN caller ID on my landline phone to a friends phone, figuring that if the mechanism is only checking caller ID why not fake it? it totally worked. i was in my friends voicemail checking his messages.

i thought, well who has the power to change caller id? only admins right? well i checked the client app for use with our PBX, and lo and behold they of course (with certain user privileges) have the power to change outbound caller ID on the fly. I think most phone systems these days in a business environment allow a user to do so, but again only if they have the privileges.

cingular has already been notified about this, i just thought i'd light the fire under their arses.

check your phone software to see if you can change your outbound caller id.. i bet you see the same result.

    — gomez"

Swap read error. You lose your mind.

Working...