Wireless Vulnerabilities & Exploits
Wireless Vulnerabilities & Exploits
WVE-2005-0002: BlueBug
Candidate
BlueBug is the name given to a vulnerability found on certain Nokia, Sony/Ericcson, and Motorola phones that use Bluetooth which allows an attacker to establish a serial connection to the phone without authenticating. This allows an attacker to nearly take full control of the phone through AT commands.
WVE-2005-0003: BlueSnarf
Candidate
The BlueSnarf vulnerability allows an attacker to covertly retrieve information from certain models of Bluetooth enabled cellular phones via the OBEX protocol.
WVE-2005-0005: BlueSmack
Candidate
BlueSmack is a vulnerability in the L2CAP layer of some Bluetooth devices that results in a Denial of Service.
WVE-2005-0006: BlueSnarf++
Candidate
BlueSnarf++ is a variation on the BlueSnarf vulnerability. This vulnerability allows the attacker to fully browse the vulnerable device's filesystem and not only read, but write data to the device.
WVE-2005-0007: HeloMoto
Candidate
The HeloMoto vulnerability is a combination of the BlueBug and BlueSnarf attacks, yielding nearly full control of a vulnerable device. The vulnerability was first discovered in Motorola phones, hence its name.
WVE-2005-0008: 802.11 SSID Can be Spoofed
Candidate
The SSID used to identify an 802.11 network can be trivially faked by an attacker. Since the SSID is displayed to the user by most 802.11 clients and used to choose which network to connect to, a spoofed SSID can be used to trick a client into connecting to the wrong AP.
WVE-2005-0009: Static Bluetooth PIN codes
Candidate
Bluetooth devices that have no means for PIN code input come with a hard-coded PIN to use when pairing with another device.
WVE-2005-0016: IEEE 802.11 WEP Integrity Check Vulnerability
Candidate
The 802.11 Wired Equivalent Privacy algorithm uses CRC32 values that may fail to ensure the integrity of decrypted messages.
WVE-2005-0019: 802.11 Lacks Authentication of Management Frames
Candidate
The 802.11 standard does not authenticate management frames. This exposes wireless devices to spoofing attacks.
WVE-2005-0021: WEP Weak IVs Vulnerability
Candidate
The WEP encryption system used by 802.11 networks utilizes RC4 in a flawed manner which can lead to a WEP key becoming compromised.
