| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Mar 2003 17:11:17 +0100 (CET) From: Lukasz Wojcik <lookie@....medianet.pl> To: bugtraq@...urityfocus.com Subject: Re: Siemens *35 and 45 series phones SMS Danial of Service On 5 Mar 2003, Christian "cycloon" Gut wrote: > On Mon, 2003-03-03 at 02:06, subj subj wrote: > > > There is a local and remote vulnerability and > > Siemens *35 and *45 series phones. > > > > A message of the form "%String", where String is on of the > > languages from the phone language selection menu, will > > completely disable *35 series phones and result > > in a 2 minute read delay on *45 series phones. Note that > > the first letter of language should be capitalized and > > the quotation marks should be present in the message. > > i have to add the S55 to the list here. > I sent a message as described to my friend and then read it im my "Sent" > folder => 2 min delay. no chance to abort. so a real DoS. > C55 is vulnerable as well, however it doesn't DoS - the phone hangs while reading SMS in ordinary way but at any time you may exit from "Please wait" screen by pressing "disconnect" key for a while. Only method to read the sms is to Edit it insted of View. SMS sent via www sms gateway _does_ "DoS". Regards, L.
Powered by blists - more mailing lists