BugTraq
Back to list
|
Post reply
Siemens Mobile Phone - Buffer Overflow
May 06 2003 07:28AM
subj (r2subj3ct dwclan org)
======================================
---> Product: Siemens Mobile Phone
---> Version: All *45 series phones
---> OffSite: www.siemens-mobile.com
---> Problem: Buffer Overflow.
======================================
** General Description **
In phones Siemens of a series 45, I found one more vulnerability, and
this time she(it) in my opinion is more dangerous.
At reception given sms, the phone is instantly disconnected with any not
clear sound when you include the phone.
With a kind it(he) works normally, but now to go in Messages-> Inbox to
you it will be not possible. All this occurs from for overflow
The buffer in the phone.
As is known for an insert in the message of a graphic picture such design
is used: "%IMG_NAME", and so if instead of IMG_NAME to insert any 157
symbols at reception by the subscriber of such message, there will be
above described actions.
** Exploit **
" %..........
............
............
............
............
............
............
............
............
............
............
............
............
... "
or
" % [157 symbols of any dust "
** Note **
- > you can not send the given message from the phone siemens as soon as
will try to transfer the message the phone to be switched off.
- > Is the fastest, the given vulnerability works and on other phones
siemens to check up there was no opportunity, all was checked on phones
of 45 series.
** Solution **
The decision remains only one to wait while developers will issue the new
version of an insertion and then only to begin to rock her(it) in the
phone.
** Contacts **
r2subj3ct (at) dwclan (dot) org [email concealed]
subj (at) passwd (dot) cc [email concealed]
www,dwcgr0up.com | www.dwcgr0up.com/subj/
irc.irochka.net *dwc *phreack *global *dhg
** Greeting **
J0k3r, D4rkGr3y, DethSpirit, r4ShRaY, Kabuto, fnq, agenox, L0vCh1Y,
DiZHarM, cybeast, Foster, Moby, ORB, MORPFEY, drG4njubas
3APA3A, DHG, Gipshack, BlackTigerz, rsteam, p0is0n, Security.nno.ru
HNCrew. And all who i know...
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
======================================
---> Product: Siemens Mobile Phone
---> Version: All *45 series phones
---> OffSite: www.siemens-mobile.com
---> Problem: Buffer Overflow.
======================================
** General Description **
In phones Siemens of a series 45, I found one more vulnerability, and
this time she(it) in my opinion is more dangerous.
At reception given sms, the phone is instantly disconnected with any not
clear sound when you include the phone.
With a kind it(he) works normally, but now to go in Messages-> Inbox to
you it will be not possible. All this occurs from for overflow
The buffer in the phone.
As is known for an insert in the message of a graphic picture such design
is used: "%IMG_NAME", and so if instead of IMG_NAME to insert any 157
symbols at reception by the subscriber of such message, there will be
above described actions.
** Exploit **
" %..........
............
............
............
............
............
............
............
............
............
............
............
............
... "
or
" % [157 symbols of any dust "
** Note **
- > you can not send the given message from the phone siemens as soon as
will try to transfer the message the phone to be switched off.
- > Is the fastest, the given vulnerability works and on other phones
siemens to check up there was no opportunity, all was checked on phones
of 45 series.
** Solution **
The decision remains only one to wait while developers will issue the new
version of an insertion and then only to begin to rock her(it) in the
phone.
** Contacts **
r2subj3ct (at) dwclan (dot) org [email concealed]
subj (at) passwd (dot) cc [email concealed]
www,dwcgr0up.com | www.dwcgr0up.com/subj/
irc.irochka.net *dwc *phreack *global *dhg
** Greeting **
J0k3r, D4rkGr3y, DethSpirit, r4ShRaY, Kabuto, fnq, agenox, L0vCh1Y,
DiZHarM, cybeast, Foster, Moby, ORB, MORPFEY, drG4njubas
3APA3A, DHG, Gipshack, BlackTigerz, rsteam, p0is0n, Security.nno.ru
HNCrew. And all who i know...
[ reply ]