| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1068826348.1642.40.camel@earth.xades.com> Date: Fri, 14 Nov 2003 16:12:28 +0000 From: fulldisc <fulldisc@...es.com> To: Pentest Security Advisories <alerts@...test.co.uk> Cc: Jordan Wiens <jwiens@...sp.nerdc.ufl.edu>, bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: Re: Serious flaws in bluetooth security lead to disclosure of personal data On Fri, 2003-11-14 at 10:21, Pentest Security Advisories wrote: [...] > No, you didn't misread - The T610, whilst still vulnerable to some > attacks, does provide more protection > of OBEX profiles. In this respect, it's better than the other phones / > devices we've tested. > > On the particular T610 that was tested, we found that whilst it was > possible to upload files to the phone we could not download files from it. It is very possible (and easy) to download (very) sensitive files from a T610 as long as the MAC is known; no pairing necessary. This is with T610 Firmware rev R3C002 (latest). Files include calendar and phonebook. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists