Details of VAR-200602-0345

ID

VAR-200602-0345

CVE

CVE-2006-0797

TITLE

Nokia N70 L2CAP Packet Remote Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2006-0965 // CNNVD: CNNVD-200602-292

DESCRIPTION

Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS). Nokia N70 is reportedly prone to a remote denial-of-service vulnerability. A successful attack can allow an attacker to corrupt memory and to trigger a denial-of-service condition. Arbitrary code execution may be possible as well, but this has not been confirmed. Nokia model N70 is reported vulnerable to this issue; the specific firmware is currently unknown. This issue is reported to be a seperate issue than 16513 (Nokia N70 Remote Denial of Service Vulnerability) also discovered using the BSS Stack Smasher. TITLE: Nokia Cell Phones Bluetooth Denial of Service Vulnerability SECUNIA ADVISORY ID: SA18724 VERIFY ADVISORY: http://secunia.com/advisories/18724/ CRITICAL: Not critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Nokia N70 http://secunia.com/product/8012/ DESCRIPTION: Pierre Betouin has reported a vulnerability in Nokia cell phones, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Bluetooth stack within the handling of certain requests. This can be exploited to cause the device to stop responding or to display a "System error" message. Other Nokia cell phones with Bluetooth functionality may also be affected. SOLUTION: Disable Bluetooth. PROVIDED AND/OR DISCOVERED BY: Pierre Betouin ORIGINAL ADVISORY: http://www.secuobs.com/news/10022006-nokia_n70.shtml#english ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.8

sources: NVD: CVE-2006-0797 // CNVD: CNVD-2006-0965 // BID: 16666 // PACKETSTORM: 43772

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2006-0965

AFFECTED PRODUCTS

vendor:	nokia	model:	n70	scope:	eq	version:	*	Trust: 1.0
vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	nokia	model:	n70	scope:	-	version:	-	Trust: 0.6
vendor:	nokia	model:	n70	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2006-0965 // BID: 16666 // CNNVD: CNNVD-200602-292 // NVD: CVE-2006-0797

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-0797
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2006-0965
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-200602-292
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2006-0797
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2006-0965
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2006-0965 // CNNVD: CNNVD-200602-292 // NVD: CVE-2006-0797

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-0797

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200602-292

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200602-292

EXTERNAL IDS

db:	BID	id:	16666	Trust: 2.5
db:	NVD	id:	CVE-2006-0797	Trust: 2.2
db:	SECUNIA	id:	18724	Trust: 1.7
db:	VUPEN	id:	ADV-2006-0538	Trust: 1.6
db:	OSVDB	id:	23061	Trust: 1.6
db:	CNVD	id:	CNVD-2006-0965	Trust: 0.6
db:	XF	id:	24688	Trust: 0.6
db:	XF	id:	2	Trust: 0.6
db:	FULLDISC	id:	20060215 [ SECUOBS - ADVISORY ] ANOTHER KIND OF DOS ON NOKIA CELL PHONES	Trust: 0.6
db:	CNNVD	id:	CNNVD-200602-292	Trust: 0.6
db:	PACKETSTORM	id:	43772	Trust: 0.1

sources: CNVD: CNVD-2006-0965 // BID: 16666 // PACKETSTORM: 43772 // CNNVD: CNNVD-200602-292 // NVD: CVE-2006-0797

REFERENCES

url:	http://www.securityfocus.com/bid/16666	Trust: 2.2
url:	http://www.secuobs.com/news/15022006-nokia_n70.shtml#english	Trust: 1.9
url:	http://www.osvdb.org/23061	Trust: 1.6
url:	http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0316.html	Trust: 1.6
url:	http://secunia.com/advisories/18724	Trust: 1.6
url:	http://www.vupen.com/english/advisories/2006/0538	Trust: 1.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/24688	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/24688	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2006/0538	Trust: 0.6
url:	www.nokia.com/nseries	Trust: 0.3
url:	http://www.secuobs.com/replay_l2cap_packet_nokian70.c	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/18724/	Trust: 0.1
url:	http://www.secuobs.com/news/10022006-nokia_n70.shtml#english	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/8012/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2006-0965 // BID: 16666 // PACKETSTORM: 43772 // CNNVD: CNNVD-200602-292 // NVD: CVE-2006-0797

CREDITS

Discovered by Pierre Betouin <pierre.betouin@infratech.fr> using Bluetooh Stack Smasher (BSS).

Trust: 0.9

sources: BID: 16666 // CNNVD: CNNVD-200602-292

SOURCES

db:	CNVD	id:	CNVD-2006-0965
db:	BID	id:	16666
db:	PACKETSTORM	id:	43772
db:	CNNVD	id:	CNNVD-200602-292
db:	NVD	id:	CVE-2006-0797

LAST UPDATE DATE

2024-08-14T12:56:40.637000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2006-0965	date:	2006-02-19T00:00:00
db:	BID	id:	16666	date:	2006-02-15T22:12:00
db:	CNNVD	id:	CNNVD-200602-292	date:	2006-02-20T00:00:00
db:	NVD	id:	CVE-2006-0797	date:	2017-07-20T01:30:04.847

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2006-0965	date:	2006-02-19T00:00:00
db:	BID	id:	16666	date:	2006-02-15T00:00:00
db:	PACKETSTORM	id:	43772	date:	2006-02-13T19:29:16
db:	CNNVD	id:	CNNVD-200602-292	date:	2006-02-19T00:00:00
db:	NVD	id:	CVE-2006-0797	date:	2006-02-19T21:02:00