SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Device (VoIP/Phone/FAX)  >   Siemens Phone Vendors:   Siemens
(A Fix is Available) Re: Siemens 3569i Mobile Phone Can Be Shut Down By Remote Users Sending Malicious SMS Messages
SecurityTracker Alert ID:  1003401
SecurityTracker URL:  http://securitytracker.com/id/1003401
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 30 2002
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Siemens 3568i (Or below)
Description:   A denial of service vulnerability was reported in the Siemens 3568i mobile phone. A remote user can cause the phone to shut down.

It is reported that a remote user can send an SMS message to the phone containing an exceptional character to cause the phone to shut down when the mobile phone user views the SMS message.

A demonstration exploit message is available at:

http://www.benjurry.org/en/program/smsdos.zip
http://www.xfocus.org/download.php?id=10

[Editor's note: We were unable to access the demonstration exploit messages at the above listed URLs at the time of this entry.]
Impact:   A remote user can cause the mobile phone to shut down when the phone user views an SMS message.
Solution:   The author of the original vulnerability report states that, according to the vendor, the new software version 23 for the 35xx series phones (e.g., 3508i, 3518i, 3568i) include a fix for this vulnerability. Customers can apparently update their software via their regional support center.
Vendor URL:  www.my-siemens.com/ (Links to External Site)
Cause:   Exception handling error
Underlying OS:  

Message History:   This archive entry is a follow-up to the message listed below.
Jan 15 2002 Siemens 3569i Mobile Phone Can Be Shut Down By Remote Users Sending Malicious SMS Messages


 Source Message Contents
Date:  Thu, 31 Jan 2002 06:00:54 +0800
Subject:  RE:Siemens Mobile Phone SMS Denial of Service Vulnerability


Hi,
It is said by SSMC(Siemens Shang Mobile Communication Ltd) that the new software
version 23 of 35 series(3508i,3518i & 3568i ) already resolved this vulnerability.
Any one can update their software on the regional support center.




Thank for Wang Jian in SSMC.


 Best Regards

benjurry
http://www.benjurry.org
http://www.xfocus.org
Share what I know,learn what I don't


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC