7 matches found
CVE-2005-2547
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper...
Gentoo Security Advisory GLSA 200508-09 (bluez-utils)
The remote host is missing updates announced in advisory GLSA 200508-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mandrake Linux Security Advisory : bluez-utils (MDKSA-2005:150)
A vulnerability in bluez-utils was discovered by Henryk Plotz. Due to missing input sanitizing, it was possible for an attacker to execute arbitrary commands supplied as a device name from the remote bluetooth device. The updated packages have been patched to correct this problem. %NASLMINLEVEL...
[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 782-1 [email protected] http://www.debian.org/security/ Martin Schulze August 23rd, 2005 http://www.debian.org/security/faq -...
Debian DSA-782-1 : bluez-utils - missing input sanitising
Henryk Plotz discovered a vulnerability in bluez-utils, tools and daemons for Bluetooth. Due to missing input sanitising it is possible for an attacker to execute arbitrary commands supplied as device name from the remote device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
CVE-2005-2547
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper...
CVE-2005-2547
CVE-2005-2547 affects BlueZ bluez-utils/hcid components. The advisory describes missing input sanitisation in security.c in hcid, enabling remote attackers to execute arbitrary commands by supplying shell metacharacters in the Bluetooth device name during PIN helper invocation. Affected products/...