|
Sony Ericsson Cell Phones Bluetooth L2CAP Denial of Service
|
|
Secunia Advisory:
|
SA18747
|
|
|
Release Date:
|
2006-02-08
|
|
Last Update:
|
2006-02-16
|
|
Popularity:
|
7,289 views
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| OS: | Sony Ericsson K600i
Sony Ericsson T68i
Sony Ericsson V600i
Sony Ericsson W800i
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2006-0671
|
|
Description:
Pierre Betouin has discovered a vulnerability in various Sony Ericsson cell phones, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the L2CAP (Logical Link Control and Adaptation Layer Protocol) layer. This can be exploited to temporary halt a vulnerable cell phone by sending a L2CAP packet with a specially crafted header through a wireless Bluetooth connection.
Successful exploitation requires that Bluetooth is enabled on the affected device.
The vulnerability has been confirmed to affect Sony Ericsson W800i and has also been reported to affect the following products:
* Sony Ericsson K600i
* Sony Ericsson V600i
* Sony Ericsson T68i
Solution:
Disable Bluetooth.
Provided and/or discovered by:
Pierre Betouin
Changelog:
2006-02-16: Added CVE reference.
Original Advisory:
http://www.secuobs.com/news/05022006-bluetooth7.shtml#english
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
