| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040708105678.SM01832@3gp4server> From: m.laurence at groveindependentschool.co.uk (Mark Laurence) Subject: Nokia 3560 Remote DOS http://www.auscert.org.au/render.html?it=2795&cid=1 Similar vuln on the 6210 was discovered a while back > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of > Milan 't4c' Berger > Sent: 08 July 2004 10:26 > To: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] Nokia 3560 Remote DOS > > You can get updates for money. > Here in germany you pay about 20 Euro for updating firmware, > but like old bugs told us, Nokia doesn't really care about > there mistakes. > > > Regards, > Milan > > > Kane Lightowler wrote: > > Even if Nokia does find this out first there is not to much > they can do. > > > > They can create a fix for a new firmware edition that will > ship in new models but most models that are out in the public > already will never get a firmware update. > > > > > > Regards, > > Kane > > > > > >>-----Original Message----- > >>From: full-disclosure-admin@...ts.netsys.com > >>[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of > >>marklist@...cast.net > >>Sent: Thursday, July 08, 2004 1:43 PM > >>To: full-disclosure@...ts.netsys.com > >>Subject: [Full-Disclosure] Nokia 3560 Remote DOS > >> > >> > >>Hello list, > >> > >> I have found a vulnerability with Nokia's 3560 cellular > >>phone, in which anyone may remotely crash the phone's OS, > >>requiring the user to disconnect the battery to restore > >>normal functionality. The attack only requires sending the > >>person a specially crafted text message. This can be done > >>very easily via e-mail or from any capable cell phone. > >> > >>I have only tested this on the 3560, but other models may be > >>vulnerable as well. > >> > >>During the attack, the phone does not emit a "new message" > >>tone, and the message does not get stored in phone after > >>rebooting. Victims have no way of knowing that they have > >>been attacked. > >> > >>I know this is FD and all, but due to the seriousness of this > >>attack, I would like to notify Nokia before posting full details. > >> > >>Does anyone know of a security contact at Nokia? > >> > >>-Mark > > -- > Milan 't4c' Berger > Network & Security Administrator > 21073 Hamburg > > gpg: http://www.ghcif.de/keys/t4c.asc > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004 > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
Powered by blists - more mailing lists