Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Buffer overflow exploit on Widcomm software causes security warning
Posted on 13-Aug-2004 07:24 | Tags Filed under: News



Widcomm's products provides a range of Bluetooth connectivity solutions for PCs, PDAs, mobile phones, headsets, digital cameras, access points, and various output devices. British security testing service Pentest says Widcomm supply their Bluetooth Communications software to other companies to allow them to integrate Bluetooth technology into their devices. They also supply Bluetooth SDK's to enable developers to create applications that use Bluetooth. Therefore it may not be immediately apparent that you are using the Widcomm Bluetooth software and version numbers may vary.

An unauthenticated remote attacker can submit various malformed service requests via Bluetooth, triggering a buffer overflow and executing arbitrary code on the vulnerable device.

On Windows platforms this allows arbitrary code execution under the context of the currently logged on user account. Pentest have tested for the reported vulnerability against BTStackServer version 1.3.2.7 and 1.4.2.10 on both Windows XP and Windows 98 which ships with MSI Bluetooth Dongles. They have also tested this against an Pocket PC HP iPaq 5450 running WinCE 3.0 with Bluetooth software version 1.4.1.03.

Whilst the above platforms are the only platforms tested and confirmed to be exploitable by Pentest, the company says the discussions with Widcomm lead them to believe that are all versions prior to version BTW & BT-CE/PPC 3.0 are affected by this vulnerability. Widcomm has not confirmed whether BT-PPC/Phone Edition, BT-Smartphone, BTE-Mobile or BTE are vulnerable.

Pentest recommends users to set the devices to non-discoverable mode. It will not eliminate the vulnerability, but will limit exposure.


More information: http://www.pentest.co.uk/documents/ptl-2004-0...

comments powered by Disqus


Trending now »

Hot discussions in our forums right now:

IPv6 beta for Bigpipe
Created by JoshBigpipe, last reply by michaelmurfy on 29-Mar-2017 12:25 (95 replies)
Pages... 5 6 7


Dishwasher Recommendations Please
Created by tdgeek, last reply by dafman on 29-Mar-2017 16:13 (29 replies)
Pages... 2


The President Of The USA: Donald Trump
Created by TimA, last reply by joker97 on 29-Mar-2017 12:10 (3690 replies)
Pages... 244 245 246


Dell laptops shipping with 10/100 ethernet adapters -Am I being ripped off?
Created by Fishfingers, last reply by networkn on 27-Mar-2017 17:54 (50 replies)
Pages... 2 3 4


New fibre speed boost only get half speed
Created by Jekkyl, last reply by Jase2985 on 29-Mar-2017 16:16 (48 replies)
Pages... 2 3 4


Temperature Monitoring
Created by michaelmurfy, last reply by richms on 25-Mar-2017 23:38 (21 replies)
Pages... 2


TiVo Service ending on 31 October 2017
Created by Riggleby, last reply by old3eyes on 28-Mar-2017 11:15 (566 replies)
Pages... 36 37 38


Cost of preparing wills
Created by Wazza69, last reply by Pumpedd on 29-Mar-2017 15:43 (39 replies)
Pages... 2 3