Overview
» IDS/IPS Signatures
Security Sites
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner
iPolicy Networks Security Advisory
 

Microsoft Bluetooth Stack Remote Code Execution Vulnerability
Date Discovered: 06/10/2008
Severity: High
Operating Systems Affected: Microsoft Windows XP SP2
Microsoft Windows XP SP23
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64
Microsoft Windows Vista x64 SP1
Synopsis
Microsoft Bluetooth stack is prone to a remote code execution vulnerability because Microsoft Windows Bluetooth stack does not correctly handle a large number of service description requests.
Recommended Actions
Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-030.mspx
Threat Analysis
Bluetooth is an industry standard protocol that enables wireless connectivity for computers, handheld devices, mobile phones, and other devices.

A remote code execution vulnerability exists in the Bluetooth stack in Microsoft Windows because the Bluetooth stack does not correctly handle a large number of service description requests. o exploit this vulnerability, an attacker would have to rapidly send a large number of specially crafted Service Discovery Protocol (SDP) packets to an affected system. The way that the system reacts to those packets would allow the attacker to gain complete control over the affected system.

The vulnerability could allow an attacker to run code with elevated privileges. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, delete date or create new accounts with full user rights.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1453

Write-up by: Aditya Chaturvedi
Security Sites
 
“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”
 
Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner
 

 
Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Product Division of Tech Mahindra Limited | Privacy Policy | Site Map