[29202] in bugtraq
Re: Siemens *35 and 45 series phones SMS Danial of Service
daemon@ATHENA.MIT.EDU (Lukasz Wojcik)
Thu Mar 6 13:29:26 2003
Date: Thu, 6 Mar 2003 17:11:17 +0100 (CET)
From: Lukasz Wojcik <lookie@fly.medianet.pl>
To: bugtraq@securityfocus.com
In-Reply-To: <1046895601.24313.7.camel@vertex.bastion.free-bsd.org>
Message-ID: <Pine.LNX.4.44.0303061707550.24411-100000@fly.medianet.pl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On 5 Mar 2003, Christian "cycloon" Gut wrote:
> On Mon, 2003-03-03 at 02:06, subj subj wrote:
>
> > There is a local and remote vulnerability and
> > Siemens *35 and *45 series phones.
> >
> > A message of the form "%String", where String is on of the
> > languages from the phone language selection menu, will
> > completely disable *35 series phones and result
> > in a 2 minute read delay on *45 series phones. Note that
> > the first letter of language should be capitalized and
> > the quotation marks should be present in the message.
>
> i have to add the S55 to the list here.
> I sent a message as described to my friend and then read it im my "Sent"
> folder => 2 min delay. no chance to abort. so a real DoS.
>
C55 is vulnerable as well, however it doesn't DoS - the phone hangs while
reading SMS in ordinary way but at any time you may exit from "Please
wait" screen by pressing "disconnect" key for a while.
Only method to read the sms is to Edit it insted of View.
SMS sent via www sms gateway _does_ "DoS".
Regards,
L.
