Apple Mac OS X with Bluetooth enabled may allow file exchange without prompting users

ID VU:258390
Type cert
Reporter CERT
Modified 2005-05-16T00:00:00



Apple Mac OS X with Bluetooth support may unintentionally allow files to be exchanged with other systems by default.


Mac OS X includes support for the Bluetooth networking protocol suite. Bluetooth is a communication technology that enables short-range communication between devices.

The default Bluetooth settings in OS X may allow files to be exchanged with other devices unknowingly. The default location for files that are exchanged may also be used by other applications, resulting in unintended information disclosure.


Remote attackers may be able to exchange files with a Bluetooth-enabled system running Mac OS X, resulting in unintended information disclosure.


Apply An Update

Apple has addressed the issue in Security Update 2005-005.

As a workaround, users can manually disable the Bluetooth file sharing service or change the default location used for file transfers.

Systems Affected

Vendor| Status| Date Notified| Date Updated
Apple Computer Inc.| | -| 05 May 2005
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A


  • <>
  • <>
  • <>


Thanks to Apple Product Security for reporting this vulnerability, who in turn credit Kevin Finisterre with reporting the issue.

This document was written by Ken MacInnis.

Other Information

  • CVE IDs: CAN-2005-1332
  • Date Public: 03 May 2005
  • Date First Published: 09 May 2005
  • Date Last Updated: 16 May 2005
  • Severity Metric: 2.02
  • Document Revision: 7