Sony Ericsson phones vulnerable to DoS attacks

Advisory group warns users to turn off the Bluetooth functions in some Sony Ericsson phones

If you use a Sony Ericsson Mobile Communications mobile phone, you may want to disable the Bluetooth function, the French Security Incident Response Team (FrSIRT) warned this week, saying a security vulnerability potentially puts the phones at risk to a denial-of-service (DoS) attack.

The vulnerability is said to exist in at least four Sony Ericsson models: the K600i, V600i, W800i, and T68i. The flaw is the result of an error in the Bluetooth function, according to an advisory posted on the group's Web site. L2CAP (Logical Link Control and Adaptation Layer Protocol) packets containing certain headers "could be exploited by remote attackers to cause a denial of service," it said.

However, Sony Ericsson users don't need to lose much sleep over the vulnerability, which FrSIRT classified as "low risk." The group advised users to turn off the Bluetooth functions in their phones as a solution to the problem.

Sony Ericsson officials were not immediately available to comment.