Lucene search

[email protected]CVE-2005-2716

HistoryAug 29, 2005 - 8:14 p.m.

CVE-2005-2716

2005-08-2920:14:00

[email protected]

web.nvd.nist.gov

cve-2005-2716

nokia affix

remote attack

arbitrary commands

bluetooth

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.071 Low

EPSS

Percentile

94.0%

JSON

The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name.

Affected configurations

NVD

Node

nokiaaffixMatch2.1.2

nokiaaffixMatch3.2.0

CPENameOperatorVersion
nokia:affixnokia affixeq2.1.2
nokia:affixnokia affixeq3.2.0

CPE	Name	Operator	Version
nokia:affix	nokia affix	eq	2.1.2
nokia:affix	nokia affix	eq	3.2.0

References

affix.sourceforge.net/patch_btsrv_affix_2_1_2

affix.sourceforge.net/patch_btsrv_affix_3_2_0

marc.info/?l=bugtraq&m=112511370326063&w=2

secunia.com/advisories/16574/

www.debian.org/security/2005/dsa-796

www.digitalmunition.com/DMA%5B2005-0826a%5D.txt

www.securityfocus.com/bid/14672

exchange.xforce.ibmcloud.com/vulnerabilities/22034

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.071 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2005-2716

osv1 nvd1 openvas1 cvelist1 ubuntucve1 nessus1 debian2