More DoS Vulnerabilities in Android...


I had written a blog about an Android API that can be used to shutdown/reboot an Android device and perform denial-of-service (DoS) attack. 

I have found 2 more Android core API's that are vulnerable DoS attacks:

- com.android.settings.accoutsyncsettings
- com.android.settings.accountSyncSettingsInAddAccount

With that the count now stands at 3 vulnerable API's that can be used for targeted DoS attacks.

List of Vulnerable API's (Updated):
- com.android.settings.accoutsyncsettings
- com.android.settings.accountSyncSettingsInAddAccount
- android.accounts.GrantCredentialsPermissionActivity

For details on how to exploit or how these vulnerabilities affect Android system, please refer my earlier blog post on Android DoS.

Comments

Popular posts from this blog

Problems with Equifax Breach Disclosure

Potential DoS Vulnerability with Android System

Why does my Android App READ SMS?