lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050612093322.18058.qmail@securityfocus.com>
Date: 12 Jun 2005 09:33:22 -0000
From: hugo@...ohacking.com
To: bugtraq@...urityfocus.com
Subject: Bluetooth SIG Denial of Service vulnerability


The next D.o.S. can be reproduced "at home", with a simple laptop. A bluettoth enabled PDA can reach same results.

1) D.o.S. to the bluetooth device

Many bluetooth device communications can be totally inhibited simply by sending a ping-flood to the device from a linux laptop with bluetooth connectivity.

To reproduce:

# l2ping -f <bluetooth_address>


At the time of this writing, tested devices are:

- -Nokia 7650 (Symbian 6.0)
- -Nokia 6600        (Symbian 7.0)
- -Siemens  V55
- -Motorola  S55
- -Conceptronic (CBTU) Bluetooth dongle on Windows 2003 (vulnerable is
 windows BT stack implemetation...)
- -Others...

1) ALL the devices tested are affected by DoS. (connection flood)
2) "Hide-mode protection" behaviour is different in any device/customer. Some
devices can not be connected while in "hide-mode" while on others you can do it.

- - Most affected customer seems to be NOKIA witch is vulnerable to denial od seervice, even in hidden mode...

Nokia seems to agree with me in the fact that DoS
exists (they have reproduced it), but they claim that they are following
Bluetooth specifications, so maybe this is a Bluetooth design error...

Quoting a Nokia guy from security-alert__at__nokia.com:

"This DoS seems to be a specification issue which should be handled by Bluetooth SIG."

For the complete time-line of ontacts with Nokia and Bluetooth people, check this URL:

http://www.infohacking.com/INFOHACKING_RESEARCH/Our_Advisories/bt/index.html

Hugo Vázquez Caramés
Infohacking
Barcelona
Spain


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ