CentOS ProjectCESA-2007:0065bluez security update
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.0%
CentOS Errata and Security Advisory CESA-2007:0065
The bluez-utils package contains Bluetooth daemons and utilities.
A flaw was found in the Bluetooth HID daemon (hidd). A remote attacker
would have been able to inject keyboard and mouse events via a Bluetooth
connection without any authorization. (CVE-2006-6899)
Note that Red Hat Enterprise Linux does not come with the Bluetooth HID
daemon enabled by default.
Users of bluez-utils are advised to upgrade to these updated packages, which
contains a backported patch to correct this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075926.html
Affected packages:
bluez-utils
bluez-utils-cups
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0065
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 4 | ia64 | bluez-utils | < 2.10-2.2 | bluez-utils-2.10-2.2.ia64.rpm |
| CentOS | 4 | ia64 | bluez-utils-cups | < 2.10-2.2 | bluez-utils-cups-2.10-2.2.ia64.rpm |
Related
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.0%