lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <49A82403.8040204@retis.it>
Date: Fri, 27 Feb 2009 18:33:55 +0100
From: Mobile Security Lab <mseclab@...is.it>
To: full-disclosure@...ts.grok.org.uk
Subject: HTC Touch vCard over IP Denial of Service PoC Code

Hello,

PoC code for testing the MSL-2008-002 vulnerability
HTC Touch vCard over IP Denial of Service
is now available at:
http://poc.mseclab.com/pocs/MSL-2008-002-PoC.py

The code  provide means for demonstrating the HTC Touch vCard over IP
DoS by sending vCards to port UDP/9204 of the target IP address.

The number of vCards (-c), the time interval between each vCard (-d),
the length (-l) and, of course, the target address are configurable.

The content of each message can also be selected (-t) by providing the
desired content, that will be embedded in each vCard sent.

Finally, a dedicated option (-s), can be used for demonstrating the
effect of very large vCards.
According to the advisory, these vCards are silently received without
triggering any sound or ringtone, even if they have been properly
selected on the UI settings.

Regards.
-- 

Mobile Security Lab

Website: www.mseclab.com <http://www.mseclab.com>

GPG Key Fingerprint
3CEC 8BFA 90C0 E620 B48C 2645 9C8C 642D A501 073F

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ