Siemens *35 and 45 series phones SMS Danial of Service

From: subj subj (r2subj3ct@dwclan.org)
Date: 03/03/03

  • Next message: Jan Niehusmann: "Re: Siemens *35 and 45 series phones SMS Danial of Service"
    Date: 3 Mar 2003 01:06:43 -0000
    From: subj subj <r2subj3ct@dwclan.org>
    To: bugtraq@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    Information:

        The name of vulnerability: Siemens *35-45 DoS SMS Lag
     To vulnerability are subject: All versions siemens *35 and *45.
                    Official site: www.siemens-mobile.com
            Kind of vulnerability: Refusal in Service (Denial of Service).
            Type of vulnerability: Removed / local.
                           Author: subj (r2subj3ct@dwcgr0up.com)
                             Date: 02.03.2003
                             Site: www.dwcgr0up.com

    Description of vulnerability:

     There is a local and remote vulnerability and
     Siemens *35 and *45 series phones.

     A message of the form "%String", where String is on of the
     languages from the phone language selection menu, will
     completely disable *35 series phones and result
     in a 2 minute read delay on *45 series phones. Note that
     the first letter of language should be capitalized and
     the quotation marks should be present in the message.

    The phone will try to read the message and then after 2 minutes
     return to the main menu. This happens every time the message is sent.
     After 10-15 messages the battery (NiMH) gets empty.
     
    There is a local vulnerability of the same kind. A message of the
     form "%some_word", where some_word is any lower case letter
     sequence will result in the same effects described above.

    Vulnerability exploiting:

     (for remote):
     We send on "phone - victim" the message:
       "%Deutsch"
     Or
       "%Polski" "%Magyar" "%English" "%Deutsch"
     (for local):
       "testedersecurity"

    Thanks:
     DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp
     l0bster, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, dron
    (Ivanov Andrey)


  • Next message: Jan Niehusmann: "Re: Siemens *35 and 45 series phones SMS Danial of Service"

    Relevant Pages

    • Re: Siemens *35 and 45 series phones SMS Danial of Service
      ... Siemens *35 and 45 series phones SMS Danial of Service ... > languages from the phone language selection menu, ... Please note that this vulnerability isn't as serious as you describe it. ...
      (Bugtraq)
    • SecurityFocus Microsoft Newsletter #182
      ... Introducing the world's first and only complete Internal Security Gateway: ... Microsoft Windows XP Explorer.EXE Remote Denial of Service V... ... Apache Error Log Escape Sequence Injection Vulnerability ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #131
      ... MICROSOFT VULNERABILITY SUMMARY ... Advanced Poll Remote Information Disclosure Vulnerability ... PHPNuke News Module Article.PHP SQL Injection Vulnerability ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #171
      ... Better Management for Network Security ... GoodTech Telnet Server Remote Denial Of Service Vulnerabilit... ... ASPApp PortalAPP Remote User Database Access Vulnerability ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #237
      ... MICROSOFT VULNERABILITY SUMMARY ... JPortal Banner.PHP SQL Injection Vulnerability ... Microsoft Windows Kernel Object Management Denial Of Service... ... Microsoft Windows Message Queuing Remote Buffer Overflow Vul... ...
      (Focus-Microsoft)