Bluetooth a Virus Risk
According to an advisory from British security firm Pentest, an unauthenticated remote attacker could exploit the flaw to submit malformed service requests via Bluetooth, which would trigger a buffer overflow.
In theory, security experts say, this could pave the way for the creation of a wireless worm that spreads between PCs or PDAs using Bluetooth.
"Worms like this could spread very fast, especially in an environment like a seminar or a conference," said Jarno Niemela, a virus tracker at F-Secure.
The WIDCOMM Bluetooth communications software powers integrated Bluetooth support on a range of devices. The company also supplies Bluetooth SDKs to enable developers to create applications that use Bluetooth. WIDCOMM's partners include big-name technology firms like Logitech, Samsung, Sony, Texas Instruments, Compaq and Dell.
Pentest said it tested the vulnerabilities against BTStackServer version 220.127.116.11 and 18.104.22.168 on both Windows XP and Windows 98, which ships with MSI Bluetooth dongles. A proof-of-concept exploit was also provided.
Secunia rated the flaw as "highly critical" and noted that WIDCOMM plans to provide a fix in an upcoming Version 3. Secunia also urged users to limit exposure by configuring the Bluetooth device to be in either non-discoverable or hidden mode.
The Bluetooth flaw warning comes on the heels of the recent discovery of the first computer virus spreading via cell phone networks. That worm was capable of scanning all accessible phones, using Bluetooth technology to send itself.
This story first appeared on internetnews.com.