Rule Category

OS-MOBILE -- Snort has detected traffic targeting vulnerabilities in a mobile-based operating system. This category covers attacks against the OS itself, not browser traffic or other software running on the OS.

Alert Message

OS-MOBILE Google Android Kernel local denial of service attempt

Rule Explanation

This event is generated when a malicious JAR file that triggers a denial of service in the Google Android Kernel is downloaded.

Impact: Denial of Service

Details: A denial of service is present in Google Android Kernel 2.6, where repeatedly attempting to write an extremely long filename to an SD card will result in a denial of service.

Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

Additional Links

CVE Additional Information

CVE-2013-1773
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.
Details
Severity: MEDIUM
Base Score: 6.2
Impact Score: 10.0
Exploit Score: 1.9
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Authentication: NONE
Ease of Access: HIGH
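
A host-side check for the condition CVE-2013-1773 describes (a kernel before 3.3 with a VFAT filesystem mounted with the utf8 option), as an added example that is not part of the Snort rule or Talos documentation. The function names and the sample mount table are constructed for illustration; the version comparison is a first-pass filter, since vendor kernels may carry a backported fix.

```python
import platform
import re

FIXED_IN = (3, 3)  # from the CVE text: affected kernels are "before 3.3"

# Constructed sample in /proc/mounts format (not taken from a real device).
SAMPLE_MOUNTS = """\
/dev/block/vold/179:1 /mnt/sdcard vfat rw,nosuid,nodev,noexec,codepage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro 0 0
/dev/block/mmcblk0p2 /data ext4 rw,nosuid,nodev 0 0
/dev/sdb1 /mnt/usb vfat rw,iocharset=utf8,shortname=mixed 0 0
"""

def kernel_version(release):
    """Return (major, minor) from a `uname -r` style string."""
    m = re.match(r"(\d+)\.(\d+)", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2))

def vfat_utf8_mounts(mounts_text):
    """Return (device, mountpoint) for vfat mounts carrying the utf8 option."""
    hits = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "vfat":
            continue
        opts = fields[3].split(",")
        # Match the utf8 flag itself; iocharset=utf8 is a different option
        # and is deliberately not matched here.
        if any(o in ("utf8", "utf8=1", "utf8=true", "utf8=yes") for o in opts):
            hits.append((fields[0], fields[1]))
    return hits

def exposed_mounts(release, mounts_text):
    """Mounts matching the CVE's precondition, or [] on kernels >= 3.3."""
    if kernel_version(release) >= FIXED_IN:
        return []
    return vfat_utf8_mounts(mounts_text)

if __name__ == "__main__":
    # On a live Linux/Android host, read the real mount table instead.
    with open("/proc/mounts") as fh:
        for dev, mnt in exposed_mounts(platform.release(), fh.read()):
            print(f"vfat+utf8 on pre-3.3 kernel: {dev} at {mnt}")
```

Remounting a flagged filesystem without the utf8 option removes the precondition named in the CVE text until the kernel is updated.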