[REVS] Hacking Bluetooth Enabled Mobile Phones and Beyond

From: SecuriTeam (support_at_securiteam.com)
Date: 01/09/05

  • Next message: SecuriTeam: "[NEWS] Multiple IBM DB2 Vulnerabilities" 
    To: list@securiteam.com
Date: 9 Jan 2005 19:06:03 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Hacking Bluetooth Enabled Mobile Phones and Beyond
    ------------------------------------------------------------------------

    SUMMARY

    In November 2003, various vulnerabilities on Bluetooth enabled mobile
    phones emerged, as published
    <http://www.thebunker.net/security/bluetooth.htm> here. The full details
    of these vulnerabilities in Bluetooth can be found in the slideshow linked
    here.

    DETAILS

    Details of the attacks were disclosed at the
    <http://www.ccc.de/congress/2004/fahrplan/event/66.en.html> Chaos Computer
    Club's
    annual congress in Berlin - 21C3
    (Video of the lecture will be on the CCC site in due course.)

    The Slides from the talk can be found here:
    <http://trifinite.org/Downloads/21c3_Bluetooth_Hacking.pdf>
    http://trifinite.org/Downloads/21c3_Bluetooth_Hacking.pdf

    It was felt, as the industry had been given a full 13 months to react to
    the original threat discovery, and responsible manufacturers had
    engineered and released firmware upgrades, that the time had come for full
    disclosure. This became increasingly urgent as it was clear that the
    techniques used were becoming relatively widely known within the security
    community, and it could therefore be assumed that the same was true for
    criminal and/or malicious users.

    Vendor Responses:
    Nokia's response page is here:
    <http://www.nokia.com/nokia/0,,56221,0.html>
    http://www.nokia.com/nokia/0,,56221,0.html

    It emerged at the conference that Nokia have created a special warranty
    code for the Bluetooth security issues, and any affected phone, regardless
    of age or origin, can be upgraded under that code free of charge. This was
    stated by a member of the audience during the presentation, and has not
    yet been verified.
    Known affected devices: 6310, 6310i, 8910, 8910i

    Sony Ericsson have not responded directly to the author, but have stated
    publicly that the problem has been fixed in all affected phones. This has
    not been verified, and availability of firmware upgrades is unknown.
    Known affected devices: T68, T68i, R520m, T610, Z1010, Z600

    Motorola stated that they are committed to fixing the problem, but further
    details are unknown.
    Known affected devices: V80, V5xx, V6xx and E398.

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:adam.laurie@thebunker.net>
    Adam Laurie.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[NEWS] Multiple IBM DB2 Vulnerabilities"

    Relevant Pages