CVE-2006-3146: Buffer Overflow
First published: Thu Jun 22 2006(Updated: )
The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Toshiba Bluetooth Wireless Device Driver | <=4.00.29 | |
| Toshiba Bluetooth Wireless Device Driver | =3.00.11 | |
| Toshiba Bluetooth Wireless Device Driver | =3.00.12 | |
| Toshiba Bluetooth Wireless Device Driver | =3.00.31a | |
| Toshiba Bluetooth Wireless Device Driver | =3.00.32 | |
| Toshiba Bluetooth Wireless Device Driver | =3.01.03 | |
| Toshiba Bluetooth Wireless Device Driver | =3.10.00 | |
| Toshiba Bluetooth Wireless Device Driver | =3.20.00 | |
| Toshiba Bluetooth Wireless Device Driver | =3.20.01 | |
| Toshiba Bluetooth Wireless Device Driver | =3.20.02 | |
| Toshiba Bluetooth Wireless Device Driver | =3.20.04 | |
| Toshiba Bluetooth Wireless Device Driver | =4.00.01t | |
| Toshiba Bluetooth Wireless Device Driver | =4.00.11 | |
| Toshiba Bluetooth Wireless Device Driver | =4.00.23 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/18527
- http://trifinite.org/trifinite_advisory_toshiba.html
- http://secunia.com/advisories/20657
- http://securitytracker.com/id?1016345
- http://www.osvdb.org/26686
- http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2
- http://attrition.org/pipermail/vim/2006-October/001085.html
- http://briankrebswatch.blogspot.com/2006/10/more-on-toshiba-patches.html
- http://trifinite.org/blog/archives/2006/06/update_tosiba_a.html
- http://www.vupen.com/english/advisories/2006/2455
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27228
- http://www.securityfocus.com/archive/1/437811/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-3146?
CVE-2006-3146 has a high severity level due to its potential to cause a denial of service resulting in a reboot of affected systems.
How do I fix CVE-2006-3146?
To fix CVE-2006-3146, update your Toshiba Bluetooth Stack to a version later than 4.00.29 or apply the recommended patches if available.
Which Toshiba Bluetooth Stack versions are affected by CVE-2006-3146?
CVE-2006-3146 affects Toshiba Bluetooth Stack versions 4.00.29 and earlier, as well as specific versions from 3.00.11 to 4.00.23.
What impact does CVE-2006-3146 have on vulnerable systems?
CVE-2006-3146 allows attackers to remotely trigger a reboot on vulnerable systems, leading to potential service disruption.
Is Microsoft Windows vulnerable to CVE-2006-3146?
No, Microsoft Windows itself is not vulnerable to CVE-2006-3146 but the vulnerability affects the Toshiba Bluetooth Stack installed on Windows.
- collector/nvd-historical
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/toshiba
- canonical/toshiba bluetooth wireless device driver
- version/toshiba bluetooth wireless device driver/4.00.29
- version/toshiba bluetooth wireless device driver/3.00.11
- version/toshiba bluetooth wireless device driver/3.00.12
- version/toshiba bluetooth wireless device driver/3.00.31a
- version/toshiba bluetooth wireless device driver/3.00.32
- version/toshiba bluetooth wireless device driver/3.01.03
- version/toshiba bluetooth wireless device driver/3.10.00
- version/toshiba bluetooth wireless device driver/3.20.00
- version/toshiba bluetooth wireless device driver/3.20.01
- version/toshiba bluetooth wireless device driver/3.20.02
- version/toshiba bluetooth wireless device driver/3.20.04
- version/toshiba bluetooth wireless device driver/4.00.01t
- version/toshiba bluetooth wireless device driver/4.00.11
- version/toshiba bluetooth wireless device driver/4.00.23
- vendor/microsoft
- canonical/microsoft windows