111 matches found
Buffer overflow
Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service device shutdown, and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer aka FTP service on Bluetooth channel 9...
CVE-2006-1365
The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...
CVE-2006-1366
Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service device shutdown, and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer aka FTP service on Bluetooth channel 9...
CVE-2006-1366
The CVE-2006-1366 entry concerns Motorola PEBL U6 08.83.76R and possibly other Motorola P2K-based phones. The vulnerability arises from a buffer overflow in the OBEX File Transfer service over Bluetooth (channel 9) when handling a long OBEX setpath, potentially allowing a remote attacker to cause...
CVE-2006-1365
The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...
CVE-2006-1366
Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service device shutdown, and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer aka FTP service on Bluetooth channel 9...
[Full-disclosure] DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'
DMA2006-0321a - 'Motorola P2K Platform setpath overflow and Blueline attack' Author: Kevin Finisterre Vendor: http://www.motorola.com Product: 'Motorola PEBL U6, Motorola V600, other Motorola P2k based phones?' References: http://www.digitalmunition.com/DMA2006-0321a.txt...
CVE-2006-0253
CVE-2006-0253 describes a buffer overflow in the Bluetooth OBEX Object Push service of AmbiCom Blue Neighbors, specifically in the Blue Neighbors.EXE client. The vulnerability arises from processing a long file name (RFILE argument to ussp-push), enabling a remote attacker to potentially execute ...
CVE-2006-0253
Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Neighbors 2.50 Build 2500 and earlier allows remote attackers to execute arbitrary code via a long file name, as demonstrated via a long RFILE argument to ussp-push...
Buffer overflow
Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Neighbors 2.50 Build 2500 and earlier allows remote attackers to execute arbitrary code via a long file name, as demonstrated via a long RFILE argument to ussp-push...
CVE-2006-0212
CVE-2006-0212 concerns the OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier. The vulnerability is a directory traversal that lets remote attackers upload arbitrary files to arbitrary remote locations by exploiting .. (dot dot) sequences, as demonstrated by ..\ sequences in the...
[Full-disclosure] DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'
DMA2006-0112a - 'Toshiba Bluetooth Stack Directory Transversal' Author: Kevin Finisterre Vendor: http://www.toshiba-tro.de/ Product: 'Toshiba Bluetooth Stack =v4.00.23T' References: http://www.digitalmunition.com/DMA2006-0112a.txt Description: Toshiba was one of the first companies to provide a...
CVE-2005-3995
Format string vulnerability in the dosyslog function in the OBEX server obexsrv.c for Sobexsrv before 1.0.0-pre4, when the syslog -S function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands...
CVE-2005-3995
The CVE applies to the Sobexsrv OBEX server, specifically the dosyslog function in obexsrv.c. When the syslog -S option is enabled, a format string vulnerability in OBEX file-name arguments can allow remote attackers to execute arbitrary code. Affected software/version: Sobexsrv prior to 1.0.0-pr...
CVE-2005-3995
Format string vulnerability in the dosyslog function in the OBEX server obexsrv.c for Sobexsrv before 1.0.0-pre4, when the syslog -S function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands...
DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability'
DMA2005-1202a - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability' Author: Kevin Finisterre Vendor: http://www.mulliner.org/bluetooth/sobexsrv.php Product: 'sobexsrv' References: http://www.digitalmunition.com/DMA2005-1202a.txt...
sobexsrv bluetooth OBEX server format string bug
syslog format string bug...
CVE-2005-3093
Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in the filename of a Bluetooth OBEX transfer...
CVE-2005-3093
Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in the filename of a Bluetooth OBEX transfer...
CVE-2005-3093
Technical details about CVE-2005-3093 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.