Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - cingular voicemail hack

Submitted by
gomez
gomez writes "i have no idea where to let people know about this. but i'm loyal to slashhdot so why not here?

i'm an admin for a call center and i was messing around with caller id the other day. i remember dialing voicemail by pressing 1 on my cingular cell phone and getting straight in w/ out a verification of password. well i thought, what if i can change my outbound ISDN caller ID on my landline phone to a friends phone, figuring that if the mechanism is only checking caller ID why not fake it? it totally worked. i was in my friends voicemail checking his messages.

i thought, well who has the power to change caller id? only admins right? well i checked the client app for use with our PBX, and lo and behold they of course (with certain user privileges) have the power to change outbound caller ID on the fly. I think most phone systems these days in a business environment allow a user to do so, but again only if they have the privileges.

cingular has already been notified about this, i just thought i'd light the fire under their arses.

check your phone software to see if you can change your outbound caller id.. i bet you see the same result.

    — gomez"

Q: How many IBM CPU's does it take to execute a job? A: Four; three to hold it down, and one to rip its head off.

Working...