Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-1367. PoCs published by kspecial.
AI-analyzed exploit summary This exploit leverages a Bluetooth dialog-spoofing vulnerability in Motorola mobile handsets (e.g., PEBL, V600) to trick users into granting AT command access. The attacker manipulates the device name to display a deceptive message, potentially leading to unauthorized access.
Description
The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook entries and saved SMS messages by connecting on Bluetooth channel 3 and tricking the user into pressing Grant, aka a "Blueline" attack. NOTE: while user-assisted, the attack is made more feasible because of a GUI misrepresentation issue that allows a default message to be replaced by an attacker-specified one.
Exploits (1)
This exploit leverages a Bluetooth dialog-spoofing vulnerability in Motorola mobile handsets (e.g., PEBL, V600) to trick users into granting AT command access. The attacker manipulates the device name to display a deceptive message, potentially leading to unauthorized access.