Menu

Database

BlueBump

WVE ID: WVE-2005-0012

Type: Exploit

Status: Candidate

Classification:
Authentication Management

Description:
The BlueBump attack involves pairing with another device for a simple service and then using that pairing to attack other services.

Discussion:
To perpetrate that attack the attacker gets the victim to accept a connection for a trivial data exchange such as receiving a business card, calendar entry, or picture.

After the data has been sent, the attacker still keeps the connection open. This enables the attacker to request a link key regeneration after the victim has deleted the pairing. After a new link key has been generated the attacker then has access to the victim's device at any time and has full access to any of the services provided by the victim's device.

Credits
Author: Adam Laurie (adam@trifinite.org) : trifinite.org
Author: Marcel Holtmann (marcel@trifinite.org) : trifinite.org
Author: Martin Herfurt (martin@trifinite.org) : trifinite.org

References
URL: http://trifinite.org/trifinite_stuff_bluebump.html

Released: 2005-04-01

Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry

Submitted: Wed Oct 19 15:42:15 -0700 2005

Candidate Date: Mon Oct 24 10:06:40 -0700 2005


Recent Entries

Weaknesses in the A5/1 Cipher
WVE-2008-0007 4/9/2008
Block ACK DoS
WVE-2008-0006 4/9/2008
GF Mode WIDS Rogue AP Evasion
WVE-2008-0005 4/9/2008
HT Intolerant Degradation of Service
WVE-2008-0004 4/9/2008
Sidejacking
WVE-2008-0003 4/2/2008
ZiPhone
WVE-2008-0002 4/2/2008
RADIUS Key Delivery Exposure
WVE-2008-0001 3/21/2008
BackTrack
WVE-2007-0020 11/19/2007
Airoscript
WVE-2007-0019 11/19/2007
airoway.sh
WVE-2007-0018 11/19/2007
More Entries...

News

SANS Institute Sponsors WVE
4/19/2008
Wireless Attackers and Honeypot Technology
4/15/2008
High Speed Risks in 802.11n Slides Posted
4/11/2008
Vulnerabilities in 802.11n
4/9/2008
WVE Editors Speaking at SHARKFEST.08
1/3/2008
More News...