lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200303060720.53580.xfarrell@ddisp.net>
Date: Thu, 6 Mar 2003 07:20:53 -0500
From: Timothy Farrell <xfarrell@...sp.net>
To: bugtraq@...urityfocus.com
Subject: Re: Siemens *35 and 45 series phones SMS Danial of Service


This appears to work on the S46 (GSM) phone also.  However, just like the S45, 
pressing and holding the "hang up" button appears to remedy the problem.

Timothy F. Farrell
Web Admin.
www.TamaquaFire.com

On Sunday 02 March 2003 20:06, subj subj wrote:
> Information:
>
>     The name of vulnerability: Siemens *35-45 DoS SMS Lag
>  To vulnerability are subject: All versions siemens *35 and *45.
>                 Official site: www.siemens-mobile.com
>         Kind of vulnerability: Refusal in Service (Denial of Service).
>         Type of vulnerability: Removed / local.
>                        Author: subj (r2subj3ct@...gr0up.com)
>                          Date: 02.03.2003
>                          Site: www.dwcgr0up.com
>
> Description of vulnerability:
>
>  There is a local and remote vulnerability and
>  Siemens *35 and *45 series phones.
>
>  A message of the form "%String", where String is on of the
>  languages from the phone language selection menu, will
>  completely disable *35 series phones and result
>  in a 2 minute read delay on *45 series phones. Note that
>  the first letter of language should be capitalized and
>  the quotation marks should be present in the message.
>
> The phone will try to read the message and then after 2 minutes
>  return to the main menu. This happens every time the message is sent.
>  After 10-15 messages the battery (NiMH) gets empty.
>
> There is a local vulnerability of the same kind. A message of the
>  form "%some_word", where some_word is any lower case letter
>  sequence will result in the same effects described above.
>
> Vulnerability exploiting:
>
>  (for remote):
>  We send on "phone - victim" the message:
>    "%Deutsch"
>  Or
>    "%Polski" "%Magyar" "%English" "%Deutsch"
>  (for local):
>    "testedersecurity"
>
> Thanks:
>  DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp
>  l0bster, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, dron
> (Ivanov Andrey)



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ