Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Siemens *35 and 45 series phones SMS Danial of Service
From: Lukasz Wojcik <lookie () fly medianet pl>
Date: Thu, 6 Mar 2003 17:11:17 +0100 (CET)

On 5 Mar 2003, Christian "cycloon" Gut wrote:

On Mon, 2003-03-03 at 02:06, subj subj wrote:

 There is a local and remote vulnerability and
 Siemens *35 and *45 series phones.

 A message of the form "%String", where String is on of the
 languages from the phone language selection menu, will
 completely disable *35 series phones and result
 in a 2 minute read delay on *45 series phones. Note that
 the first letter of language should be capitalized and
 the quotation marks should be present in the message.

i have to add the S55 to the list here.
I sent a message as described to my friend and then read it im my "Sent"
folder => 2 min delay. no chance to abort. so a real DoS.


C55 is vulnerable as well, however it doesn't DoS - the phone hangs while 
reading SMS in ordinary way but at any time you may exit from "Please 
wait" screen by pressing "disconnect" key for a while.
Only method to read the sms is to Edit it insted of View.

SMS sent via www sms gateway _does_ "DoS".

Regards,
L.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]