Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Serious flaws in bluetooth security lead to disclosure of personal data

From: nosp <nosp () xades com>
Date: Fri, 14 Nov 2003 16:05:36 +0000
On Fri, 2003-11-14 at 10:21, Pentest Security Advisories wrote:
[...]

No, you didn't misread - The T610, whilst still vulnerable to some 
attacks, does provide more protection
of OBEX profiles. In this respect, it's better than the other phones / 
devices we've tested.

On the particular T610 that was tested, we found that whilst it was 
possible to upload files to the phone we could not download files from it.


It is very possible (and easy) to download (very) sensitive files from a
T610 as long as the MAC is known; no pairing necessary.  Firmware rev
R3C002.  Files include calendar and phonebook.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: