TITLE:
Sony Ericsson Cell Phones Bluetooth L2CAP Denial of Service

SECUNIA ADVISORY ID:
SA18747

VERIFY ADVISORY:
http://secunia.com/advisories/18747/

CRITICAL:
Not critical

IMPACT:
DoS

WHERE:
>From remote

OPERATING SYSTEM:
Sony Ericsson W800i
http://secunia.com/product/7845/
Sony Ericsson K600i
http://secunia.com/product/7841/
Sony Ericsson T68i
http://secunia.com/product/7846/
Sony Ericsson V600i
http://secunia.com/product/7844/

DESCRIPTION:
Pierre Betouin has discovered a vulnerability in various Sony
Ericsson cell phones, which can be exploited by malicious people to
cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the L2CAP (Logical
Link Control and Adaptation Layer Protocol) layer. This can be
exploited to temporary halt a vulnerable cell phone by sending a
L2CAP packet with a specially crafted header through a wireless
Bluetooth connection.

Successful exploitation requires that Bluetooth is enabled on the
affected device.

The vulnerability has been confirmed to affect Sony Ericsson W800i
and has also been reported to affect the following products:
* Sony Ericsson K600i
* Sony Ericsson V600i
* Sony Ericsson T68i

SOLUTION:
Disable Bluetooth.

PROVIDED AND/OR DISCOVERED BY:
Pierre Betouin

ORIGINAL ADVISORY:
http://www.secuobs.com/news/05022006-bluetooth7.shtml#english

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------