Microsoft Windows Bluetooth Stack Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability because its implementation of the Bluetooth stack fails to adequately handle a flood of specially crafted SDP Service Discovery Protocol requests. To exploit this issue, an attacker must be within close physical...

Linux Kernel 2.6.11.5 - BlueTooth Stack Privilege Escalation

Linux Kernel 2.6.11.5 - BlueTooth Stack Privilege Escalation / LINUX KERNEL Not tainted VLI EFLAGS: 00010286 2.6.9 EIP is at btsockcreate+0x3d/0x130 eax: ffffffff ebx: ffebfe34 ecx: 00000000 edx: c051bea0 esi: ffffffa3 edi: ffffff9f ebp: 00000001 esp: c6729f1c ds: 007b es: 007b ss: 0068 Process...

Linux Kernel < 2.6.11.5 BLUETOOTH Stack Local Root Exploit

Exploit for linux platform in category local exploits ========================================================== Linux Kernel Not tainted VLI EFLAGS: 00010286 2.6.9 EIP is at btsockcreate+0x3d/0x130 eax: ffffffff ebx: ffebfe34 ecx: 00000000 edx: c051bea0 esi: ffffffa3 edi: ffffff9f ebp: 00000001...

CVE-2006-6895

The Bluetooth stack in the Sony Ericsson T60 does not properly implement "Limited discoverable" mode, which allows remote attackers to obtain unauthorized inquiry responses...

CVE-2006-6896

The Bluetooth stack in the Plantronic Headset does not properly implement Non-pairable mode, which allows remote attackers to conduct unauthorized pair-up operations...

CVE-2006-6900

Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug."...

CVE-2006-6896

The vulnerability CVE-2006-6896 affects the Bluetooth stack in the Plantronics Headset, caused by improper implementation of Non-pairable mode. This allows remote attackers within range to perform unauthorized pairing operations. The provided documents do not specify any remediation, patch versio...

CVE-2006-6901

Technical details about CVE-2006-6901 are not publicly available in the provided documents. Monitor for updates from CVE/NVD/CVE portals for affected products, vulnerable components, and remediation.

CVE-2006-6903

Technical details about CVE-2006-6903 are not publicly available in the provided documents; no affected products, versions, vectors, or fixes are specified. Monitor for updates as new information may emerge.

CVE-2006-6906

Technical details for CVE-2006-6906 are not publicly available in the provided documents. Monitor for updates; no specific affected product/version, vulnerability type, impact, or remediation can be confirmed from these sources.

CVE-2006-6907

Technical details about CVE-2006-6907 are not provided in the supplied documents; no product/version/impact information is disclosed. Monitor for updates.

CVE-2006-6908

CVE-2006-6908 describes a buffer overflow in the Widcomm Bluetooth Stack COM Server. Affected components include Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth impleme...

CVE-2006-6895

The Bluetooth stack in the Sony Ericsson T60 does not properly implement "Limited discoverable" mode, which allows remote attackers to obtain unauthorized inquiry responses...

CVE-2006-6896

The Bluetooth stack in the Plantronic Headset does not properly implement Non-pairable mode, which allows remote attackers to conduct unauthorized pair-up operations...

CVE-2006-6901

Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gain administrative access aka Remote Root via unspecified vectors...

CVE-2006-6902

Unspecified vulnerability in the Bluetooth stack in Microsoft Windows Mobile Pocket PC edition allows remote attackers to gain administrative access aka Remote Root via unspecified vectors...

CVE-2006-6905

Unspecified vulnerability in the Widcomm Bluetooth stack allows remote attackers to gain administrative access aka Remote Root via unspecified vectors...

155022006-nokia_n70.txt

Software affected Bluetooth Stack on Nokia cell phones Version Nokia N70 and maybe other models Impact Remote Denial of Service, cellular phones begin to be slower and then freeze after a short period within 30 seconds. Credits Pierre Betouin - [email protected] - Bug found with BSS new...

CVE-2006-0212

Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23T and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. dot dot sequences, as demonstrated by ..\ sequences in the RFILE argument of ussp-push...

CVE-2005-0750

CVE-2005-0750 affects the Bluetooth driver in the Linux kernel (2.4.6–2.4.30-rc1 and 2.6–2.6.11.5). The bluez_sock_create function fails to validate a negative protocol value, allowing a local user to gain privileges via a crafted socket or socketpair call. Public details appear in multiple advis...