Information from NTT DOCOMO, INC.
Vulnerability ID:JVN#81094176
Title:Android OS may behave as an open resolver
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
Handsets are NOT affected by this vulnerability when connected to NTT DOCOMO’s network (3G/LTE, docomo Wi-Fi).
In addition, among the tethering modes, only USB tethering mode and Bluetooth tethering mode are affected.
Users are kindly advised NOT to activate USB/ Bluetooth tethering function when connected to non-reliable Wi-Fi access points.
The following devices (winter 2010 – summer 2014) are affected.
==============================
<Software updates available>
Customers are advised to apply the latest software updates.
https://www.nttdocomo.co.jp/support/utilization/product_update/index.html
===Sharp===
-SH-10D (software update available on 2014/4/7): Please apply the OS version up software and update to the latest software.
-SH-02E (software update available on 2014/10/14): Please apply the OS version up software and update to the latest software.
-SH-04E (software update available on 2014/10/30)
-SH-06E (software update available on 2014/7/14)
-SH-07E (software update available on 2014/10/30)
-SH-08E (software update available on 2014/9/3)
-SH-01F (software update available on 2014/6/9)
-SH-01F DQ (software update available on 2014/7/7)
-SH-02F (software update available on 2014/6/30)
===Fujitsu===
-F-01F (OS version up software update available on 2015/2/5)
-F-02F (OS version up software update available on 2015/2/5)
===Samsung Electronics===
-SC-02E (OS version up software update available on 2014/4/17)
-SC-03E (OS version up software update available on 2014/4/17)
-SC-04E (OS version up software update available on 2014/2/17)
===Sony Mobile Communications===
-SO-02E (OS version up software update available on 2014/09/11)
-SO-01F (OS version up software update available on 2014/6/26)
-SO-02F (OS version up software update available on 2014/6/26)
===LG Electronics Japan===
-L-01E (Software update in 2015/4/23)
-L-05E (Software update in 2015/4/7)
-L-01F (Software update in 2015/4/6)
==============================
<Software updates planned>
===Sharp===
-SH-09D (Software update planned from 2015/fall on)
-SH-01E (Software update planned from 2015/fall on)
-SH-01EVW (Software update planned from 2015/fall on)
-SH-05F (Software update planned from 2015/6 on)
==============================
<Not determined>
-Fujitsu: F-01D, F-03D, F-05D, F-07D, F-08D, F-09D, F-10D, F-11D, T-01D, T-02D,
F-02E, F-03E, F-04E, F-05E, F-06E, F-07E, F-09E, F-03F, F-04F
-Samsung Electronics: SC-02B, SC-01C, SC-02C, SC-01D, SC-02D, SC-03D, SC-05D,
SC-06D, SC-01E
-Sony Mobile Communication: SO-01C, SO-02C, SO-03C, SO-01D, SO-02D, SO-03D,
SO-04D, SO-05D, SO-01E, SO-03E, SO-04E, SO-04E MIKU
-LG Electronics Japan: L-04C, L-07C, L-01D, L-02D, L-05D, L-06D, L-06DJOJO,
L-02E, L-04E, L-06C
-Panasonic Mobile Communications: P-03E
-Huawei: HW-01E, HW-03E