Palm Pilot open to denial of service attack

A flaw in the Palm Pilot Hotsync Manager application could open the machine to remote attacks and may even crash the system according to security site Securityteam.com.

When Hotsync manager is set to network mode, by sending a large amount of data followed by a new line, it is possible to crash a Pilot and possibly even execute arbitrary code on the device according to Aviram Jenik of Securityteam.

Jenik says, "We did a little research on attacks that can be performed on the Palm Pilot (we're also searching for tools that can turn the Palm into an attacking tool, but that's another thing). A hotsync DoS (Denial of Service) attack is not as sexy as breaking into networks via printers, but it still deserves some attention."

Palm did not return calls by press time.

Full details of the exploit can be found at the Securityteam Web site here .