More DoS Vulnerabilities in Android...


I had written a blog about an Android API that can be used to shutdown/reboot an Android device and perform denial-of-service (DoS) attack. 

I have found 2 more Android core API's that are vulnerable DoS attacks:

- com.android.settings.accoutsyncsettings
- com.android.settings.accountSyncSettingsInAddAccount

With that the count now stands at 3 vulnerable API's that can be used for targeted DoS attacks.

List of Vulnerable API's (Updated):
- com.android.settings.accoutsyncsettings
- com.android.settings.accountSyncSettingsInAddAccount
- android.accounts.GrantCredentialsPermissionActivity

For details on how to exploit or how these vulnerabilities affect Android system, please refer my earlier blog post on Android DoS.

Popular posts from this blog

iPhone's Persistent Connection to Apple

Gmail Session Management Vulnerability (Mobile Browsers)

Potential DoS Vulnerability with Android System