Android Denial of Service issues
Posted on 06 October 2009.
Android, the open source mobile phone platform, is affected by two bugs that lead to Denial of Service (DoS).

The most recent report concerns Android handling of SMS messages: a specific malformed SMS message can be crafted to trigger a condition that disconnects the mobile phone from the cellular network. The malformed SMS message consists of a badly formatted WAP Push message which causes an Java ArrayIndexOutOfBoundsException in the phone application (

The phone application silently restarts without user awareness, this leads to a temporary loss of connectivity (as well as dropping of current calls, if any) which can be prolonged in case the phone SIM is protected by PIN, due to required PIN re-entry and the need for user attention. Triggering this bug (repeatedly in case no PIN is present) is considered a remote DoS condition.

The second report addresses a number of issues discovered in the Android's Dalvik API, one of them has been classified by the Android team as a DoS vulnerability which leads to restarting the system process.

A specific malicious application can be crafted so that if it is downloaded and executed by the user, it would trigger the vulnerable API function and restart the system process. The same condition could occur if a developer unintentionally places the vulnerable function in a place where the execution path leads to that function call. Triggering this bug is considered a DoS condition.

All the reported issues have been patched.

Affected version

Malformed SMS DoS: Android all 1.5 CRBxx versions (where xx are digits)

Dalvik API DoS: Android <= 1.5

Fixed version

Malformed SMS DoS: Android 1.5 CBDxx, CRCxx and COCxx (where xx are digits)

Dalvik API DoS: Android >= Donut DRC79


Charlie Miller, Collin Mulliner (malformed SMS DoS), Emmanouel Kellinis, KPMG London (Dalvik API DoS).


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th