Siemens S55 phones send unauthorized SMS messages

By Edmund X. DeJesus, Contributing Writer 04 May 2004 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Siemens S55 cellular phones have a vulnerability that can cause the phone to send Short Message Service (SMS) protocol messages that the user doesn't intend. But first the user must be tricked into running malicious Java code to exploit the vulnerability.

The Siemens S55 includes Java technology that supports a number of applications for business, travel, entertainment and games. The cell phone's Java virtual machine includes a full-featured API so that third-party software developers can create additional applications. SMS permits sending messages no longer than 160 alphanumeric characters with no images or graphics.

The Phenoelit Group of gray-hat hackers has discovered that there are problems in the Siemens S55 time.jar java file. Usually, sending SMS messages or placing calls via Java applications requires user permission, which is obtained through an on-screen dialog. However, filling the screen with other items obscures this dialog, so that the user may unwittingly approve sending SMS messages to another number. For this to work, the attacker must trick the user into installing the malicious Java software, which isn't a difficult feat. Members of Phenoelit originally presented this vulnerability at a black hat convention in Las Vegas in 2003.

While not a critical security vulnerability, this problem does represent a security bypass, and may be the first of similar exploits on cellular phones and other devices sophisticated enough to use Java technology. As always, users should not download and run untrusted applications, even on their phones.

Tags: Wireless Network Protocols and Standards,  Wireless LAN Design and Setup,  Web Server Threats and Countermeasures,  Web Application and Web 2.0 Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Wireless Network Protocols and Standards Wireless network guidelines for PCI DSS compliance Best Wireless Security Products MMS messaging spoof hack could have global ramifications PCI group releases wireless security guide 802.1X Port Access Control: Which version is best for you? Wireless Security Lunchtime Learning A wireless network vulnerability assessment checklist How to configure VLANs with 802.1X for WLAN authorization Risky Business: Understanding WiFi threats Lesson 1 quiz: Risky business Wireless LAN Design and Setup Wireless network guidelines for PCI DSS compliance Best Wireless Security Products How to prevent wireless DoS attacks Lesson 4 quiz: How to use wireless IPS Wireless intrusion prevention systems: Overlay vs. embedded sensors Rogue AP containment methods How to monitor WLAN performance with WIPS The role of VPN in an enterprise wireless network Wireless AP placement basics Lesson 3 quiz: Who goes there? Wireless LAN Design and Setup Research Web Server Threats and Countermeasures VeriSign extends DDoS attack protection service Microsoft issues IIS FTP advisory, exploit code circulates Panda reports fast-spreading rogueware antivirus fraud rakes in millions Oracle issues quarterly patches, fixes database flaws Latest DDoS attacks extremely unsophisticated, experts say Stolen FTP credentials likely in massive website attacks Microsoft warns of IIS zero-day vulnerability How to find and stop automated SQL injection attacks How to spot attacks through Apache Web server log analysis Symantec acquires Mi5 Networks, bolsters Web security

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Wired Equivalent Privacy  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary