91 matches found
Blueman < 2.1.4 - Local Privilege Escalation
Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Date: 2020-10-27 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE...
Ubuntu: Security Advisory (USN-4605-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
DEBIAN-CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
Design/Logic Flaw
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
CVE-2020-15238 Local privilege escalation Blueman
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
CVE-2020-15238
Blueman before 2.1.4 is affected by an argument-injection vulnerability in the DhcpClient D-Bus method of blueman-mechanism. Local attackers may escalate privileges depending on system configuration: with Polkit-1 disabled and versions
[SECURITY] [DSA 4781-1] blueman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2020 https://www.debian.org/security/faq -...
USN-4605-1 blueman vulnerability
Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. CVE-2020-15238...
USN-4605-1: Blueman vulnerability
Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. CVE-2020-15238...
UBUNTU-CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
DSA-4781-1 blueman - security update
Bulletin has no description...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Blueman vulnerability (USN-4605-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4605-1 advisory. Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could...
OPENSUSE-SU-2019:1246-1 Security update for blueman
This update for blueman fixes the following issues: The following security issue was addressed: - Fixed the polkit authorization checks in blueman, which previously allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authenticatio...
Security update for blueman (moderate)
openSUSE Security Update: Security update for blueman Announcement ID: openSUSE-SU-2019:1246-1 Rating: moderate References: 1083066 Affected Products: openSUSE Backports SLE-15 An update that contains security fixes can now be installed. Description: This update for blueman fixes the following...
OPENSUSE-SU-2019:1050-1 Security update for blueman
This update for blueman fixes the following issues: The following security issue was addressed: - Fixed the polkit authorization checks in blueman, which previously allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authenticatio...
Security update for blueman (moderate)
openSUSE Security Update: Security update for blueman Announcement ID: openSUSE-SU-2019:1050-1 Rating: moderate References: 1083066 Affected Products: openSUSE Backports SLE-15 An update that contains security fixes can now be installed. Description: This update for blueman fixes the following...