CVE-2006-3146

CVE	CVE-2006-3146
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2006-06-22 22:06:00 UTC
Updated	2018-10-18 16:46:00 UTC
Description	The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23.

Problem Types: CWE-119

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Microsoft	Windows	All	All	All	All
Operating System	Microsoft	Windows	All	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.11	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.12	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.31a	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.32	All	All	All
Application	Toshiba	Bluetooth Stack	3.01.03	All	All	All
Application	Toshiba	Bluetooth Stack	3.10.00	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.00	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.01	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.02	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.04	All	All	All
Application	Toshiba	Bluetooth Stack	4.00.01t	All	All	All
Application	Toshiba	Bluetooth Stack	4.00.11	All	All	All
Application	Toshiba	Bluetooth Stack	4.00.23	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.11	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.12	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.31a	All	All	All
Application	Toshiba	Bluetooth Stack	3.00.32	All	All	All
Application	Toshiba	Bluetooth Stack	3.01.03	All	All	All
Application	Toshiba	Bluetooth Stack	3.10.00	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.00	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.01	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.02	All	All	All
Application	Toshiba	Bluetooth Stack	3.20.04	All	All	All
Application	Toshiba	Bluetooth Stack	4.00.01t	All	All	All
Application	Toshiba	Bluetooth Stack	4.00.11	All	All	All
Application	Toshiba	Bluetooth Stack	4.00.23	All	All	All
Application	Toshiba	Bluetooth Stack	All	All	All	All

Reference	Source	Link	Tags
26686	OSVDB	www.osvdb.org
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com	Vendor Advisory
Driver Information	CONFIRM	aps.toshiba-tro.de
SecurityTracker.com Archives - Toshiba Bluetooth Stack Lets Remote Users Deny Service	SECTRACK	securitytracker.com
trifinite.blog: Update: TOSHIBA Advisory	MISC	trifinite.org
[VIM] SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability	VIM	attrition.org
SecurityFocus	BUGTRAQ	www.securityfocus.com
Brian Krebs Watch: More on the Toshiba patches	MISC	briankrebswatch.blogspot.com
Toshiba Bluetooth Stack Denial of Service Vulnerability - Advisories - Secunia	SECUNIA	secunia.com	Patch, Vendor Advisory
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
trifinite.org - the home of the trifinite.group	MISC	trifinite.org	Vendor Advisory
Toshiba Bluetooth Stack TOSRFBD.SYS Remote Denial of Service Vulnerability	BID	www.securityfocus.com	Exploit
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.