Pierre Betouin

**Name of the Vulnerable Software and Affected Versions** Nokia N70 cell phone (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in a reboot or shutdown of the device. This is achieved through a wireless Bluetooth connection by sending a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet. The packet's length field is less than the actual length of the packet, which may trigger a buffer overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: hcidump version 1.29 bluez-hcidump (affected versions not specified) Description: The issue is related to a buffer overflow in the l2cap.c file of hcidump, which can be exploited by remote attackers through a wireless Bluetooth connection using a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet, leading to a denial of service (crash). Multiple vulnerabilities in the bluez-hcidump package of Debian GNU/Linux can also be exploited remotely, potentially disrupting the availability of protected information. Recommendations: For hcidump version 1.29, update to a newer version that contains a fix for this issue. For bluez-hcidump, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sony Ericsson K600i, V600i, W800i, and T68i (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in a reboot or shutdown of the device, through a wireless Bluetooth connection. This is achieved by sending a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet with a length field that is less than the actual length of the packet. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.