lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <1068825936.1642.37.camel@earth.xades.com> Date: Fri, 14 Nov 2003 16:05:36 +0000 From: nosp <nosp@...es.com> To: Pentest Security Advisories <alerts@...test.co.uk> Cc: Jordan Wiens <jwiens@...sp.nerdc.ufl.edu>, bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Re: Serious flaws in bluetooth security lead to disclosure of personal data On Fri, 2003-11-14 at 10:21, Pentest Security Advisories wrote: [...] > No, you didn't misread - The T610, whilst still vulnerable to some > attacks, does provide more protection > of OBEX profiles. In this respect, it's better than the other phones / > devices we've tested. > > On the particular T610 that was tested, we found that whilst it was > possible to upload files to the phone we could not download files from it. It is very possible (and easy) to download (very) sensitive files from a T610 as long as the MAC is known; no pairing necessary. Firmware rev R3C002. Files include calendar and phonebook.
Powered by blists - more mailing lists