Information from SoftBank
Vulnerability ID:JVN#81094176
Title:Android OS may behave as an open resolver
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
Basically, there is no influence as to vulnerability for Softbank 3G/4G LTE network
and Softbank Wi-Fi Spot users as well as Wi-Fi tethering users.
There may be a possibility that without noticing you may get involved with unauthorized
behavior by third party if you connect with unreliable Wi-Fi access point and
activate USB or Bluetooth tethering function.
The listed models have the reported vulnerability.
#Fixed
The following handsets users are encouraged to update the models.
Their latest software and application versions fix it.
- KYOCERA handsets
201K (Fix-2014/11/20 release software)
http://www.softbank.jp/mobile/info/personal/software/20141120-01/
202K (Fix-2014/11/5 release software)
http://www.softbank.jp/mobile/info/personal/software/20141105-01/
- SHARP handsets
303SH (Fix-2015/1/30 release software)
http://www.softbank.jp/mobile/info/personal/software/20150130-01/
302SH (Fix-2014/11/14 release software)
http://www.softbank.jp/mobile/info/personal/software/20141114-01/
206SH (Fix-2014/12/05 release software)
http://www.softbank.jp/mobile/info/personal/software/20141205-01/
205SH (Fix-2014/12/10 release software)
http://www.softbank.jp/mobile/info/personal/software/20141210-01/
203SH (Fix-2014/11/25 release software)
http://www.softbank.jp/mobile/info/personal/software/20141125-01/
200SH (Fix-2014/11/20 release software)
http://www.softbank.jp/mobile/info/personal/software/20141120-02/
#Under study
- FUJITSU handsets 101F/201F/202F/301F
#Not determined
- HUAWEI handsets 201HW
- MOTOROLA handsets 201M
