Advisory Multiple smartphones MMS notification sender obfuscation released in Germany

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

http://www.silentservices.de/adv04-2009.html

Summary:
"Description:
A MMS Notification is part of the MMS communication flow. Usually an originator sends and
mms via a service provider (SP).
After uploading the message to the SP, the recipient gets a
MMS notification from the SP with information like originator, subject and URL of the content.
In some mobile carrier networks it is allowed to send MMS notifications directly from one mobile
unit to another.

Some Smartphones fail to properly display the originator of this kind of message which leads
to a sender obfuscation.

Impact:
This attack can be used in combination with social engineering to mislead the recipient to
access the resource specified in the content URL of the MMS notification message.
If the
receiving device MMS client is configured improperly this could lead to automatically download
whatever content is specified in the content URL.
MMS clients which do not allow access to content URLs other that the providers MMS proxy should be safe from the 
content, but are still vulnerable to the sender obfuscation.

In addition this attack can be used to send spam and hate SMS."
--clip--

Discovered by: Michael Mueller a.k.a. c0rnholio


Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.