lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.44.0303061707550.24411-100000@fly.medianet.pl>
Date: Thu, 6 Mar 2003 17:11:17 +0100 (CET)
From: Lukasz Wojcik <lookie@....medianet.pl>
To: bugtraq@...urityfocus.com
Subject: Re: Siemens *35 and 45 series phones SMS Danial of Service


On 5 Mar 2003, Christian "cycloon" Gut wrote:

> On Mon, 2003-03-03 at 02:06, subj subj wrote:
> 
> >  There is a local and remote vulnerability and
> >  Siemens *35 and *45 series phones.
> > 
> >  A message of the form "%String", where String is on of the
> >  languages from the phone language selection menu, will
> >  completely disable *35 series phones and result
> >  in a 2 minute read delay on *45 series phones. Note that
> >  the first letter of language should be capitalized and
> >  the quotation marks should be present in the message.
> 
> i have to add the S55 to the list here.
> I sent a message as described to my friend and then read it im my "Sent"
> folder => 2 min delay. no chance to abort. so a real DoS.
> 

C55 is vulnerable as well, however it doesn't DoS - the phone hangs while 
reading SMS in ordinary way but at any time you may exit from "Please 
wait" screen by pressing "disconnect" key for a while.
Only method to read the sms is to Edit it insted of View.

SMS sent via www sms gateway _does_ "DoS".

Regards,
L.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ