[email protected]NVD:CVE-2005-2547

HistoryAug 12, 2005 - 4:00 a.m.

CVE-2005-2547

2005-08-1204:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper.

Affected configurations

NVD

Node

bluez_projectbluezMatch2.18

References

cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31&r2=1.34

secunia.com/advisories/16453

secunia.com/advisories/16476

sourceforge.net/mailarchive/forum.php?thread_id=7893206&forum_id=1881

www.debian.org/security/2005/dsa-782

www.gentoo.org/security/en/glsa/glsa-200508-09.xml

www.securityfocus.com/bid/14572

bugs.gentoo.org/show_bug.cgi?id=101557

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

Related for NVD:CVE-2005-2547

nessus3 openvas4 redhatcve1 cve1 debian2 cvelist1 ubuntucve1 securityvulns1 osv1 gentoo1