New User, Welcome!     Login

Palm OS

SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service

                   Symantec Vulnerability Research
                   http://www.symantec.com/research
                         Security Advisory

   Advisory ID: SYMSA-2007-007
Advisory Title: Palm OS Treo Smartphone Denial of Service
       Authors: J.R. Wikes
  Release Date: 20-08-2007
   Application: N/A
     Platforms: Palm Treo 650, 680, 700p & 755p Smartphones 
      Severity: Remotely exploitable / Denial of Service

RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service

-----Original Message-----
From: Stuart Moore [mailto:smoore.bugtraq@securityglobal.net] 
Sent: Monday, August 20, 2007 16:13
To: research@symantec.com; bugtraq@securityfocus.com
Subject: Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service

Hi.  Is this fundamentally different than the previously reported PalmOS

ICMP denial of service bug (CVE-2003-0293)?

Re: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service

Hi.  Is this fundamentally different than the previously reported PalmOS 
ICMP denial of service bug (CVE-2003-0293)?

Thanks,

Stuart

Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service

I've also tried this on a Verizon Palm OS Treo Smartphone, and it took only one ICMP packet at the size noted in this writeup.  This bug is definitely different then the ICMP flood affecting palm pilots in CVE-2003-0293.


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!