Info

Disclosure

Jul 14, 2006

Discovery

Unknown

Dates

Exploit

Jul 14, 2006

Solution

Unknown

Description

Mac OS X contains a flaw that may allow a malicious user to more easily compromise a Bluetooth pairing. The issue is due to an insufficient passkey length of only six characters. It is possible that the flaw may allow an attacker to more easily guess the passkey due to limited keyspace resulting in a loss of confidentiality.

Classification

Location: Remote / Network Access
Attack Type: Cryptographic
Impact: Loss of Confidentiality
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Concern

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch (Security Update 2006-004) to address this vulnerability.

Products

Apple Computer, Inc.	Mac OS X	10.4
		10.4.1
		10.4.2
		10.4.3
		10.4.4
		10.4.5
		10.4.6
		10.4.7

References

Secunia Advisory ID: 21253
Related OSVDB ID: 27730 27731 27732 27733 27735 27736 27737 27738 27739 27740 27741 27742 27743 27744 27745
Vendor Specific Advisory URL: http://docs.info.apple.com/article.html?artnum=304063

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/27734

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Apple Computer, Inc.

Mac OS X

References

Credit