lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <006201c464d2$7a2129c0$4702000a@AMWILLIAM>
From: william at activeminds.nl (William J.W. Sprakel @ ActiveMinds)
Subject: Nokia 3560 Remote DOS

Tell me how please :)

----- Original Message ----- 
From: <marklist@...cast.net>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, July 08, 2004 5:42 AM
Subject: [Full-Disclosure] Nokia 3560 Remote DOS


> Hello list,
>
>     I have found a vulnerability with Nokia's 3560 cellular phone, in
which anyone may remotely crash the phone's OS, requiring the user to
disconnect the battery to restore normal functionality.  The attack only
requires sending the person a specially crafted text message.  This can be
done very easily via e-mail or from any capable cell phone.
>
> I have only tested this on the 3560, but other models may be vulnerable as
well.
>
> During the attack, the phone does not emit a "new message" tone, and the
message does not get stored in phone after rebooting.  Victims have no way
of knowing that they have been attacked.
>
> I know this is FD and all, but due to the seriousness of this attack, I
would like to notify Nokia before posting full details.
>
> Does anyone know of a security contact at Nokia?
>
> -Mark
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ