Sony Ericsson Phones Bluetooth L2CAP Denial of Service Vulnerability
Last update:  10-02-06 Submitted by assa
Views: 1222 Home Security


A French Security Incident Response Team has found a little bluetooth flaw on some Sony Ericsson bluetooth phones. Although it's not causing damage on your phone data, but we have to mention it to urge all manufacturer keep an eye on the security while adding more and more features.

Report posted on FrSIRT website.

Advisory ID : FrSIRT/ADV-2006-0478
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-02-08

Technical Description

A vulnerability has been identified in various Sony Ericsson cell phones, which could be exploited by remote attackers to cause a denial of service. This flaw is due to an error in the Bluetooth service that fails to properly handle malformed L2CAP (Logical Link Control and Adaptation Layer Protocol) packets containing specially crafted headers, which could be exploited by remote attackers to cause a denial of service.

Affected Products

Sony Ericsson K600i
Sony Ericsson V600i
Sony Ericsson W800i
Sony Ericsson T68i

Solution

Disable the Bluetooth service.

A more detail of the finding can be read here

http://news.zdnet.com/2100-1009_22-6037509.html





 Lastest News in this category

AhnLab exports a vaccine for mobile phones overseas for the first time
AhnLab recently entered into an agreement for OEM (original equipment manufacturing) supply of its security product 'AhnLab Mobile Security' to Tai...

Kaspersky Mobile Security 7.0 will Catch Phone Thief Now
Kaspersky Lab announced the release of a new product for the integrated protection of smartphones running Symbian and Windows Mobile. Kaspersky Mob...

McAfee Research Reveals Majority of Consumers Concerned Over Mobile Safety
McAfee announced findings from new research that reveals that almost three out of four mobile consumers (72%) are concerned about the security of t...

SMobile Announces Solution for Beselo Worm Virus
SMobile Systems announced that it has prepared and tested a mobile anti-virus update and disinfection tool for its Security Shield platform to help...

F-Secure and Sony Ericsson partner to deliver Mobile Security for UIQ
F-Secure Corporation is today announcing the availability of its Mobile Security product for the UIQ platform. F-Secure and Sony Ericsson are partn...



 Free Mobile Phone Wallpaper

iPhone_-_iPod_touch_wallpaper_-_Memphis_Sphinx
200353-43
ysao_794
dppc_090


Recommend: SlashGear / Instinct Phone cases / iPhone 3G cases / 3G iPhone cases / MY iTablet / PHONE Magazine / Samsung Instinct Cases
Samsung Instinct Accessories / BlackBerry Touch / Tube Cases / T-Mobile G1 / G1 Cases /iPhone 3G Accessories
iPod Touch Store / Apple-Touch.com / iPhone 3G Price / iPhone Buzz / Everything Dream / Macbook touch / Treo Pro / Palm Treo Pro
Android Community / Dream Accessories / Dream Cases / Touch Diamond Cases / Touch Diamond Accessories / XPERIA Accessories / BlackBerry Aurora / HTC Touch pro / Touch Diamond / HTC Diamond phone / HTC Diamond / HTC Dream / BlackBerry Bold / BlackBerry Bold Accessories / BlackBerry Bold cases / BlackBerry Thunder / BlackBerry Bold Accessories / BlackBerry Thunder Accessories / Samsung OMNIA / Bold Cases / Dare Accessories / Thunder Accessories / Thunder Cases / Android Market
Treo Pro Accessories / Treo Pro Cases / Treo Pro Store / Sprint Diamond Accessories / Sprint Diamond Cases
SlashGear.TV / the Instinct Phone / LG Dare Accessories / LG Dare Cases / Treo 800w Accessories / Treo 800w Cases / iPhone 3G Accessories / iPhone 3G Cases / iPhone nano Accessories / iPhone nano Cases / Motorola Alexander / BlackBerry Pearl 8220 / BlackBerry 9530 / G1 Accessories / HTC G1
Logos & trademarks in this site are property of their respective owner(s). The comments are property of their posters, the rest © SlashPhone.
Privacy Policy | Terms of Use | Got Suggestions?: SlashPhone Tipline / SlashPhone Editor / Vincent Nguyen
Designed and Developed by Ewdison Then. SlashPhone is part of Aradius and Powered by Madserve.com.