F-Secure and ISC are reporting that a proof of concept for a Bluetooth worm using the OBEX Push vulnerability is out in the wild. This could get nasty in a local office. Bluetooth radio usually doesn't reach more than 10 meters, but up to 100 meters is possible. Imagine an office crowded with Mac OS X machines, lots of cool G4 and G5 laptops, spreading a nasty Bluetooth worm. There has to be some kind of better authentication mechanism for Bluetooth soon. A four-digit PIN just seems too poor. And an access list should be on by default on every Bluetooth device.
F-Secure Weblog
ISC Internet Storm Center

