Home page logo
/

bugtraq logo Bugtraq mailing list archives

Siemens Mobile Phone - Buffer Overflow
From: subj <r2subj3ct () dwclan org>
Date: 6 May 2003 07:28:10 -0000



======================================
---> Product: Siemens Mobile Phone
---> Version: All *45 series phones
---> OffSite: www.siemens-mobile.com
---> Problem: Buffer Overflow.
======================================

** General Description **

In phones Siemens of a series 45, I found one more vulnerability, and 
this time she(it) in my opinion is more dangerous.
At reception given sms, the phone is instantly disconnected with any not 
clear sound when you include the phone. 
With a kind it(he) works normally, but now to go in Messages-> Inbox to 
you it will be not possible. All this occurs from for overflow 
The buffer in the phone.
As is known for an insert in the message of a graphic picture such design 
is used: "%IMG_NAME", and so if instead of IMG_NAME to insert any 157 
symbols at reception by the subscriber of such message, there will be 
above described actions. 

** Exploit **
" %..........
............
............
............
............
............
............
............
............
............
............
............
............
... "

or 

" % [157 symbols of any dust "

** Note **
- > you can not send the given message from the phone siemens as soon as 
will try to transfer the message the phone to be switched off.
- > Is the fastest, the given vulnerability works and on other phones 
siemens to check up there was no opportunity, all was checked on phones 
of 45 series.

** Solution **
The decision remains only one to wait while developers will issue the new 
version of an insertion and then only to begin to rock her(it) in the 
phone.

** Contacts **
r2subj3ct () dwclan org
subj () passwd cc
www,dwcgr0up.com | www.dwcgr0up.com/subj/
irc.irochka.net *dwc *phreack *global *dhg

** Greeting **
J0k3r, D4rkGr3y, DethSpirit, r4ShRaY, Kabuto, fnq, agenox, L0vCh1Y, 
DiZHarM, cybeast, Foster, Moby, ORB, MORPFEY, drG4njubas
3APA3A, DHG, Gipshack, BlackTigerz, rsteam, p0is0n, Security.nno.ru 
HNCrew. And all who i know...


  By Date           By Thread  

Current thread:
  • Siemens Mobile Phone - Buffer Overflow subj (May 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]