Date: 13 Apr 2005 21:18:05 -0000
From: Luca Ercoli <io@...aercoli.it>
To: bugtraq@...urityfocus.com
Subject: LG U8120 Mobile Phone Denial of Service




===============================================================
Model:              LG U8120 (other LG phones may be vulnerable)
Auth:               http://www.lge.com
Vulnerability Type: Remote Denial Of Service
--



Disclaimer:
==========

The information is provided "as is" without warranty of any kind.
The author of this issue shall not be held liable for any
damages due to the information contained in this advisory.



Vulnerability Description:
=========================


A vulnerability in the LG U8120 mobile phone has been discovered.
A specially crafted MIDI file can be used to perform a 
denial of service attack against the device. 
Playing the malicious MIDI file will cause the mobile phone 
to crash.



Are other models vulnerable?
============================

I think that other LG mobile phones are vulnerable 
to this attack, especially mobile phones with Bluetooth 
features, like:

- LG G1610
- LG U8200
- LG U8210
- LG M4300

But I have not tested this flaw on those models.



Exploit:
========


www.lucaercoli.it/LG/lgfreeze.mid



How to exploit the vulnerability:
================================


In order to exploit the mentioned vulnerability, 
an attacker must send the MIDI file via MMS to 
the vulnerable device.


To perform the attack from an LG U8120:
(WARNING: PERFORMING THESE OPERATIONS CAN BLOCK YOUR DEVICE!
          TO RESET IT USE THIS CODE:  277634#*#)

1- Save an MMS draft with a dummy MIDI file.
2- Connect the mobile phone to a PC and overwrite the dummy file with 'lgfreeze.mid'.
3- Send the MMS draft.











credits:
-- 
Luca Ercoli    <io [at] lucaercoli.it>
		www.lucaercoli.it

