Analysis of the iOS SSID Format String Bug ⇥ blog.chichou.me
Carl Schou on Twitter:
After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled it’s WiFi functionality. Neither rebooting nor changing SSID fixes it :~)
Zhi Zhou analyzed this bug:
For the exploitability, it doesn’t echo and the rest of the parameters don’t seem like to be controllable. Thus I don’t think this case is exploitable. After all, to trigger this bug, you need to connect to that WiFi, where the SSID is visible to the victim. A phishing Wi-Fi portal page might as well be more effective.
Embarrassing — but, apparently, not dangerous.