Re: Siemens *35 and 45 series phones SMS Danial of Service

From: Christian \ (cycloon@is-root.org)
Date: Wed Mar 05 2003 - 12:20:01 PST

  • Next message: securityat_private: "[Full-Disclosure] Security Update: [CSSA-2003-SCO.4] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : Lax permissions on /dev/X" 

    On Mon, 2003-03-03 at 02:06, subj subj wrote:

>  There is a local and remote vulnerability and
>  Siemens *35 and *45 series phones.
> 
>  A message of the form "%String", where String is on of the
>  languages from the phone language selection menu, will
>  completely disable *35 series phones and result
>  in a 2 minute read delay on *45 series phones. Note that
>  the first letter of language should be capitalized and
>  the quotation marks should be present in the message.

i have to add the S55 to the list here.
I sent a message as described to my friend and then read it im my "Sent"
folder => 2 min delay. no chance to abort. so a real DoS.



-- 

Christian "cycloon" Gut <cycloon@is-root.org>

    This archive was generated by hypermail 2b30 : Wed Mar 05 2003 - 15:57:35 PST