SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Device (VoIP/Phone/FAX)  >   Siemens Phone Vendors:   Siemens
Siemens 3569i Mobile Phone Can Be Shut Down By Remote Users Sending Malicious SMS Messages
SecurityTracker Alert ID:  1003226
SecurityTracker URL:  http://securitytracker.com/id/1003226
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 15 2002
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): Siemens 3568i (Or below)
Description:   A denial of service vulnerability was reported in the Siemens 3568i mobile phone. A remote user can cause the phone to shut down.

It is reported that a remote user can send an SMS message to the phone containing an exceptional character to cause the phone to shut down when the mobile phone user views the SMS message.

A demonstration exploit message is available at:

http://www.benjurry.org/en/program/smsdos.zip
http://www.xfocus.org/download.php?id=10

[Editor's note: We were unable to access the demonstration exploit messages at the above listed URLs at the time of this entry.]
Impact:   A remote user can cause the mobile phone to shut down when the phone user views an SMS message.
Solution:   No solution was available at the time of this entry. The author of the report recommends not displaying SMS messages sent by unknown individuals and notes that malicious messages can be deleted via the computer interface.
Vendor URL:  www.my-siemens.com/ (Links to External Site)
Cause:   Exception handling error
Underlying OS:  

Message History:   This archive entry has one or more follow-up message(s) listed below.
(A Fix is Available) Re: Siemens 3569i Mobile Phone Can Be Shut Down By Remote Users Sending Malicious SMS Messages   (<benjurry@263.net>)
The author of the original report notes that a fix is available.


 Source Message Contents
Date:  Mon, 14 Jan 2002 10:25:38 +0800
Subject:  Siemens Mobie SMS Exceptional Character Vulnerability


BSA200201 


--------------------------------------------------------------------------- 
Siemens Mobie SMS Exceptional Character Vulnerability 
--------------------------------------------------------------------------- 


Release Date:

2002-01-13 

Author:

benjurry(benjurry@xfocus.org)

Homepage:

www.benjurry.org www.xfocus.org

Affected system:


Siemens 3568i(Or below)

Not affected system:

Siemes 6688

Description:

Siemens Mobie transfer SMS by PDU fromat.There is a bug in displaying exceptional character, the mobie will be shutdown,

and the SMS can't be delete.So anyone can DOS the mobie's SMS by sending lot of this type SMS.

Exploit:

http://www.benjurry.org/en/program/smsdos.zip

http://www.xfocus.org/download.php?id=10

Solution:

Don't diplay the SMS sending by stranger.If you receive this sms ,you can delete it by computer's program.


ABOUT XFOCUS 
Xfocus is a non-profit and free technology organization which was founded in 1998 in China. We are devoting to research and demonstration
 of weaknesses related to network services and communication security. 

Copyright 2001 http://xfocus.org, All rights reserved.


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC