23 matches found
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
Mageia: Security Advisory (MGASA-2020-0402)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-202012-12] blueman: privilege escalation
Arch Linux Security Advisory ASA-202012-12 ========================================== Severity: High Date : 2020-12-09 CVE-ID : CVE-2020-15238 Package : blueman Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1259 Summary ======= The package blueman before versio...
Security update for blueman (moderate)
openSUSE Security Update: Security update for blueman Announcement ID: openSUSE-SU-2020:2024-1 Rating: moderate References: 1178196 Cross-References: CVE-2020-15238 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update f...
openSUSE Security Update : blueman (openSUSE-2020-1997)
This update for blueman fixes the following issues : - Update to version 2.1.4 - CVE-2020-15238: Fixed a local denial-of-service in the D-Bus interface boo1178196 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Security update for blueman (moderate)
openSUSE Security Update: Security update for blueman Announcement ID: openSUSE-SU-2020:1997-1 Rating: moderate References: 1178196 Cross-References: CVE-2020-15238 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available...
GLSA-202011-11 : Blueman: Local privilege escalation
The remote host is affected by the vulnerability described in GLSA-202011-11 Blueman: Local privilege escalation Where Polkit is not used and the default permissions have been changed on a specific rule file, control of a local DHCP daemon may be possible. Impact : A local attacker may be able to...
Updated blueman packages fixes a security vulnerability
Vaisha Bernard discovered that blueman did not properly sanitize input on the D-Bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service CVE-2020-15238...
Fedora 31 : 1:blueman (2020-e083225fa1)
Update to v2.1.4. Contains security fix for CVE-2020-15238. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...
Fedora 32 : 1:blueman (2020-ebabb6bf76)
Update to v2.1.4. Contains security fix for CVE-2020-15238. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...
Fedora 33 : 1:blueman (2020-7c22b25a07)
Update to v2.1.4. Contains security fix for CVE-2020-15238. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...
USN-4605-2: Blueman update
Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. CVE-2020-15238 While a previous security update fixed the...
Ubuntu 20.04 LTS : Blueman update (USN-4605-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4605-2 advisory. Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue...
Ubuntu: Security Advisory (USN-4605-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Blueman < 2.1.4 - Local Privilege Escalation Vulnerability
Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE: CVE-2020-15238 ...
Blueman < 2.1.4 - Local Privilege Escalation
Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Date: 2020-10-27 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE...
Blueman Local Root / Privilege Escalation
Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Date: 2020-10-27 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE...
Ubuntu: Security Advisory (USN-4605-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-15238
creationtimestamp| type| source ---|---|--- 2020-10-27 21:30:36+00:00| seen| https://t.me/cibsecurity/15621 2020-10-28 13:20:10+00:00| seen| https://t.me/CyberSecurityTechnologies/1997...
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...