Document that outlines an exploitable scenario for hcid using the popen() bug in security.c. This was written in response to a claim that the bluez vulnerability was quite trivial.
You can download it from the following link: https://packetstormsecurity.com/files/download/39467/BluezHCIDpwned.txt
Source: https://packetstormsecurity.com/files/39467/BluezHCIDpwned.txt.html