====================================== ---> Product: Siemens Mobile Phone ---> Version: All *45 series phones ---> OffSite: www.siemens-mobile.com ---> Problem: Buffer Overflow. ====================================== ** General Description ** In phones Siemens of a series 45, I found one more vulnerability, and this time she(it) in my opinion is more dangerous. At reception given sms, the phone is instantly disconnected with any not clear sound when you include the phone. With a kind it(he) works normally, but now to go in Messages-> Inbox to you it will be not possible. All this occurs from for overflow The buffer in the phone. As is known for an insert in the message of a graphic picture such design is used: "%IMG_NAME", and so if instead of IMG_NAME to insert any 157 symbols at reception by the subscriber of such message, there will be above described actions. ** Exploit ** " %.......... ............ ............ ............ ............ ............ ............ ............ ............ ............ ............ ............ ............ ... " or " % [157 symbols of any dust " ** Note ** - > you can not send the given message from the phone siemens as soon as will try to transfer the message the phone to be switched off. - > Is the fastest, the given vulnerability works and on other phones siemens to check up there was no opportunity, all was checked on phones of 45 series. ** Solution ** The decision remains only one to wait while developers will issue the new version of an insertion and then only to begin to rock her(it) in the phone. ** Contacts ** r2subj3ct@dwclan.org subj@passwd.cc www,dwcgr0up.com | www.dwcgr0up.com/subj/ irc.irochka.net *dwc *phreack *global *dhg ** Greeting ** J0k3r, D4rkGr3y, DethSpirit, r4ShRaY, Kabuto, fnq, agenox, L0vCh1Y, DiZHarM, cybeast, Foster, Moby, ORB, MORPFEY, drG4njubas 3APA3A, DHG, Gipshack, BlackTigerz, rsteam, p0is0n, Security.nno.ru HNCrew. And all who i know...