Bugtraq mailing list archives

Re: [Full-Disclosure] Re: Serious flaws in bluetooth security lead to disclosure of personal data

From: Pentest Security Advisories <alerts () pentest co uk>
Date: Fri, 14 Nov 2003 10:21:04 +0000


Jordan Wiens wrote:


<SNIP>

The ultimate fix is for manufacturers to provide a greater separation of
services, an attitude that seems to have been taken with the Ericsson T610.



I'm a bit confused; if I read it right, the first report specifically
mentioned this as a vulnerable device, now it's listed as one that got it
right?  Did I misread?

No, you didn't misread - The T610, whilst still vulnerable to someattacks, does provide more protectionof OBEX profiles. In this respect, it's better than the other phones /devices we've tested.

On the particular T610 that was tested, we found that whilst it waspossible to upload files to the phone we could not download files from it.

Current thread:

Re: Serious flaws in bluetooth security lead to disclosure of personal data Pentest Security Advisories (Nov 13)
- Re: Serious flaws in bluetooth security lead to disclosure of personal data Adam Laurie (Nov 14)
- Re: [Full-Disclosure] Re: Serious flaws in bluetooth security lead to disclosure of personal data Jordan Wiens (Nov 14)
  - Re: [Full-Disclosure] Re: Serious flaws in bluetooth security lead to disclosure of personal data Pentest Security Advisories (Nov 14)
    - Re: [Full-Disclosure] Re: Serious flaws in bluetooth security lead to disclosure of personal data nosp (Nov 14)
- Re: Serious flaws in bluetooth security lead to disclosure of personal data Andreas Steinmetz (Nov 14)