Back to list
SMS handling OpenSER remote code executing
Dec 28 2006 01:09PM
sapheal hack pl
Synopsis: SMS handling OpenSER remote code executing
A critical security vulnerability has been found in OpenSER SMS
handling module. The vulnerable function should read the SMS
from the SIM-memory.
int fetchsms(struct modem *mdm, int sim, char* pdu)
The usage of this fuction might lead to memory corruption
conditions. Due to memory corruption conditions remote
code execution is possible. It happens when "beginning"
is copied to functions argument PDU (char*).
OpenSER <= 1.1.0
Proper boundary checking.
Exploitation might be conducted by preparing a specially
crafted SMS message.
[ reply ]
Copyright 2010, SecurityFocus