[security-alerts] FW: [SA18747] Sony Ericsson Cell Phones Bluetooth L2CAP Denial of Service

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> TITLE:
> Sony Ericsson Cell Phones Bluetooth L2CAP Denial of Service
> 
> SECUNIA ADVISORY ID:
> SA18747
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/18747/
> 
> CRITICAL:
> Not critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> From remote
> 
> OPERATING SYSTEM:
> Sony Ericsson W800i
> http://secunia.com/product/7845/
> Sony Ericsson K600i
> http://secunia.com/product/7841/
> Sony Ericsson T68i
> http://secunia.com/product/7846/
> Sony Ericsson V600i
> http://secunia.com/product/7844/
> 
> DESCRIPTION:
> Pierre Betouin has discovered a vulnerability in various Sony
> Ericsson cell phones, which can be exploited by malicious people to
> cause a DoS (Denial of Service).
> 
> The vulnerability is caused due to an error in the L2CAP (Logical
> Link Control and Adaptation Layer Protocol) layer. This can be
> exploited to temporary halt a vulnerable cell phone by sending a
> L2CAP packet with a specially crafted header through a wireless
> Bluetooth connection.
> 
> Successful exploitation requires that Bluetooth is enabled on the
> affected device.
> 
> The vulnerability has been confirmed to affect Sony Ericsson W800i
> and has also been reported to affect the following products:
> * Sony Ericsson K600i
> * Sony Ericsson V600i
> * Sony Ericsson T68i
> 
> SOLUTION:
> Disable Bluetooth.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Pierre Betouin
> 
> ORIGINAL ADVISORY:
> http://www.secuobs.com/news/05022006-bluetooth7.shtml#english
>