| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <43E77FB7.5080200@infratech.fr> Date: Mon, 06 Feb 2006 17:56:23 +0100 From: Research Infratech <research@...ratech.fr> To: full-disclosure@...ts.grok.org.uk, dailydave@...ts.immunitysec.com, bugtraq@...urityfocus.com Subject: [ Secuobs - Advisory ] Bluetooth : DoS on Sony/Ericsson cell phones [Software affected] Bluetooth Stack on Sony/Ericsson cell phones [Version] Sony/Ericsson K600i, V600i, W800i, T68i and certainly other models [Impact] Bluetooth Stack Denial of Service (may be more - may be a rootkit :) - Phone DoS (reboot or shutdown) - White screen bug (freeze sleeping) [Credits] Pierre Betouin - pierre.betouin@...ratech.fr - Bug found with BSS v0.6 GPL fuzzer (Bluetooh Stack Smasher) BSS could be downloaded on http://www.secuobs.com/news/05022006-bluetooth10.shtml [Vendor] notified now [Original advisory] http://www.secuobs.com/news/05022006-bluetooth7.shtml#english http://www.secuobs.com/news/05022006-bluetooth7.shtml#french [PoC] download it on http://www.secuobs.com/news/05022006-bluetooth6.shtml [PoC usage] # ./reset_display_sonyericsson 00:12:EE:XX:XX:XX [Details] A short raw L2CAP packet such as : 08 01 01 00 It represents the following L2CAP header fields : code L2CAP_ECHO_REQ; ident 1 length 1 The "real" packet sent is, in fact, 4 bytes long. The DoS can be triggered when the length sent in the L2CAP field is equal to the real length minus 3 (which is the size of the L2CAP header here). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists