36 matches found
Astra Linux - уязвимость в bluez
BlueZ before version 5.59 allows physically nearby attackers to cause a denial of service, as malformed and invalid capabilities can be processed in the profiles/audio/avdtp.c file...
Wireshark 2.4.x < 2.4.9 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.4.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.9 advisory. - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. Thi...
Wireshark 2.4.x < 2.4.9 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.9 advisory. - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could...
EUVD-2018-7915
Malware in sbrugna...
ASB-A-345258562
In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of...
F5 Networks BIG-IP : Wireshark vulnerabilities (K02215905)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K02215905 advisory. - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector...
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the...
Wireshark 2.2.x < 2.2.17 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.17. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.17 advisory. - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash...
PT-2023-2707 · Microsoft · Windows Bluetooth Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Bluetooth Driver affected versions not specified Description: The issue is related to insufficient access control in the Windows Bluetooth Driver, allowing a remote attacker to elevate their privileges. This can affect the system,...
OESA-2022-1922 bluez security update
This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed...
UBUNTU-CVE-2022-39177
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c...
PT-2022-6907 · Bluez +3 · Bluez +3
Name of the Vulnerable Software and Affected Versions: BlueZ versions prior to 5.59 Description: The issue is related to insufficient input validation in the profiles/audio/avdtp.c component of the BlueZ package. This can be exploited by physically proximate attackers to cause a denial of service...
SUSE: Security Advisory (SUSE-SU-2018:2889-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : wireshark (openSUSE-2019-666)
This update for wireshark to version 2.4.9 fixes the following issues : Security issues fixed bsc1106514 : - CVE-2018-16058: Bluetooth AVDTP dissector crash wnpa-sec-2018-44 - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash wnpa-sec-2018-45 - CVE-2018-16057: Radiotap dissector crash...
Wireshark 2.6.x < 2.6.3 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.3 advisory. - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could...
SUSE-SU-2018:2872-1 Security update for wireshark
This update for wireshark fixes the following issues: Update wireshark to version 2.2.17 bsc1106514: Security issues fixed: - CVE-2018-16058: Bluetooth AVDTP dissector crash wnpa-sec-2018-44 - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash wnpa-sec-2018-45 - CVE-2018-16057: Radiotap...
Updated wireshark packages fix security vulnerabilities
Updated wireshark packages fix security vulnerabilities: Bluetooth Attribute Protocol dissector crash CVE-2018-16056. Radiotap dissector crash CVE-2018-16057. Bluetooth AVDTP dissector crash CVE-2018-16058...
MGASA-2018-0370 Updated wireshark packages fix security vulnerabilities
Updated wireshark packages fix security vulnerabilities: Bluetooth Attribute Protocol dissector crash CVE-2018-16056. Radiotap dissector crash CVE-2018-16057. Bluetooth AVDTP dissector crash CVE-2018-16058...
CVE-2018-16058
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure...