Nokia e90/n82 (s60v3) Remote Denial of Service Vulnerability

2008.09.22
Credit: anon
Risk: High
Local: No
Remote: Yes
CVE: CVE-2008-4135
CWE: CWE-399


CVSS Base Score: 7.8/10
Impact Subscore: 6.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

Nokia E90 and probably other devices with s60v3 crashes with aireplay The device should be authorised on an access point sample: aireplay-ng -0 10 -a 00:74:3B:0C:A0:5A -c 00:2A:29:F3:1F:42 wlan0 My HW: AP= Acorp w422g Nokia E90 v 07.40.1.2 Ra-6 For attack realisation is necessary to send DeAuth a package on the attacked device (to throw out it from an access point), then to continue to send packages on the device. the Device is crashed off right after repeated authorisation on an access point Vulnerability is fast shown at activity on WLAN WLAN Settings: auto I specify a harmful code: ./aireplay-ng -x 1024 -0 230 -a $ap -c $target $iface Added: the vulnerable device: Nokia N82

References:

http://xforce.iss.net/xforce/xfdb/45158
http://www.securityfocus.com/bid/31175
http://www.milw0rm.com/exploits/6459
http://www.frsirt.com/english/advisories/2008/2599


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top