4 matches found
Debian DSA-796-1 : affix - remote command execution
Kevin Finisterre reports that affix, a package used to manage bluetooth sessions under Linux, uses the popen call in an unsafe fashion. A remote attacker can exploit this vulnerability to execute arbitrary commands on a vulnerable system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2005-2716
The eventpincoderequest function in the btsrv daemon btsrv.c in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name...
CVE-2005-2716
The CVE-2005-2716 issue concerns Nokia Affix (btsrv daemon) versions 2.1.2 and 3.2.0, where event_pin_code_request in btsrv.c allows remote command execution by supplying a Bluetooth device name containing shell metacharacters. Public advisories cite remote code execution via unsafe use of popen ...
CVE-2005-2716
The eventpincoderequest function in the btsrv daemon btsrv.c in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name...