lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <EEF9DEFA70456649B701B6B32C4949AE0EAFC1@server1.contentsecurity.com.au>
From: Kane at contentsecurity.com.au (Kane Lightowler)
Subject: Nokia 3560 Remote DOS

Even if Nokia does find this out first there is not to much they can do.

They can create a fix for a new firmware edition that will ship in new models but most models that are out in the public already will never get a firmware update.


Regards,
Kane

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
> marklist@...cast.net
> Sent: Thursday, July 08, 2004 1:43 PM
> To: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] Nokia 3560 Remote DOS
> 
> 
> Hello list,
> 
>     I have found a vulnerability with Nokia's 3560 cellular 
> phone, in which anyone may remotely crash the phone's OS, 
> requiring the user to disconnect the battery to restore 
> normal functionality.  The attack only requires sending the 
> person a specially crafted text message.  This can be done 
> very easily via e-mail or from any capable cell phone.  
> 
> I have only tested this on the 3560, but other models may be 
> vulnerable as well.  
> 
> During the attack, the phone does not emit a "new message" 
> tone, and the message does not get stored in phone after 
> rebooting.  Victims have no way of knowing that they have 
> been attacked.
> 
> I know this is FD and all, but due to the seriousness of this 
> attack, I would like to notify Nokia before posting full details. 
> 
> Does anyone know of a security contact at Nokia?
> 
> -Mark
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ