lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 16 Jul 2013 10:13:43 +0800
From: 醉麻 <mazuishenghuo@...il.com>
To: bugtraq@...urityfocus.com
Subject: [CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of
 Samsung Galaxy S3/S4

Hi list,
I would like to inform you that the details of the vulnerability in
built-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763
and CVE-2013-4764) are now disclosed to public.

In Samsung Galaxy S3/S4, a pre-loaded app, i.e.,
sCloudBackupProvider.apk, is used to provide backup functionality for
the users, and it unintentially exposes several unprotected
components. By exploiting these unprotected components, an
unprivileged app can trigger a so-called “restore” operation to write
SMS messages back to the standard SMS database file (mmssms.db) used
by the system messaging app, i.e., SecMms.apk. As a result, a smishing
attack can effectively create and inject arbitrary (fake) SMS text
messages. Similarly, fake MMS messages and call logs are also
possible. This vulnerability has been disclosed in CVE-2013-4763.

Also, these components can be sequentially triggered in a specific
order to create arbitrary SMS content, inject to system-wide SMS
database, and then trigger the built-in SMS-sending behavior (to
arbitrary destination). This vulnerability has been disclosed in
CVE-2013-4764.

QIHU Inc. discovered these vulnerability and informed Samsung Corp. in
June 10, 2013. Samsung confirmed the vulerability and is now preparing
an OTA update. As a temporary workaround, disable the
sCloudBackupProvider.apk app would help block known attack vectors.

Details of CVE-2013-4763 and CVE-2013-4764 can be also found in QIHU
Inc.'s official site:
http://shouji.360.cn/securityReportlist/CVE-2013-4763.html
http://shouji.360.cn/securityReportlist/CVE-2013-4764.html

Regards,
Z.X. from QIHU Inc.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ