Del(l)icate Issue
Published on: June 21, 2006

Earlier this year, members of the discovered an issue with the Toshiba Windows Bluetooth Stack. Strangers can remotely cause a system exception on Windows hosts when they know the address of the internal Bluetooth device of this machine by sending large l2cap echo requests to it (see BlueSmack attack).

Toshiba has been informed about this issue in the middle of February 2006 already but didn’t manage to fix the problem. Since Toshiba has been informed once more in April 2006 and the issue still is within the product, we finally decided to publish an advisory addressing the problem so that users of the product are warned and can take countermeasures.