Vulnerabilities found in Sony Ericsson phones

The French Security Incident Response Team (FrSIRT) is warning users of a Bluetooth services error in four types of Sony Ericsson phones that could allow a denial of service (DoS) attack.  The Bluetooth component fails to properly handle malformed L2CAP (Logical Link Control and Adaptation Layer Protocol) packets.  However, exploits should be minimal; the phone returns to normal functionality once it is restarted.  Users can protect themselves by turning off the ‘discoverable’ mode in Bluetooth. Secunia rates the flaw as low risk.


Leave a Reply