Vulnerabilities found in Sony Ericsson phones

The French Security Incident Response Team (FrSIRT) is warning users of a Bluetooth services error in four types of Sony Ericsson phones that could allow a denial of service (DoS) attack.  The Bluetooth component fails to properly handle malformed L2CAP (Logical Link Control and Adaptation Layer Protocol) packets.  However, exploits should be minimal; the phone returns to normal functionality once it is restarted.  Users can protect themselves by turning off the ‘discoverable’ mode in Bluetooth. Secunia rates the flaw as low risk.


Comments are closed.

Recent Comments