2243 matches found
Code injection
The Nokia N70 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
Code injection
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
Code injection
The LG Chocolate KG800 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0521
The Sony Ericsson K700i and W810i phones allow remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0522
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0523
The Nokia N70 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0521
The CVE-2007-0521 entry concerns Sony Ericsson K700i and W810i phones. Affected component: Bluetooth OBEX push functionality. Root cause: repeated OBEX push attempts (as demonstrated by ussp-push) trigger continual modal dialogs, rendering the UI unavailable and causing a denial of service. Impac...
CVE-2007-0522
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0523
The CVE-2007-0523 entry concerns the Nokia N70 and a DoS caused by repeatedly OBEX pushing a file over Bluetooth, leading to continual modal dialogs and UI unavailability. Affected component is the Bluetooth OBEX push handling; root cause is not explicitly detailed in the provided documents beyon...
CVE-2007-0522
CVE-2007-0522 affects the Motorola MOTORAZR V3 via a flaw in OBEX push over Bluetooth that can trigger repeated file transfers (ussp-push) and cause denial of service through continual modal dialogs and UI unavailability. Impact is UI blocking; CVSS metrics indicate low base score (3.3) with adja...
Bluetooth DoS by obex push
Hello, during a course project studying security and privacy related to Bluetooth, we discovered a simple but effective DoS attack using OBEX push. Using ussp-push 1, it is possible to send out files very quickly. By continuously trying to push a ?le, the target is ?ooded with prompts whether to...
linux/x86 - execve/bin/sh 22 bytes
linux/x86 execve/bin/sh 22 bytes. Shellcode exploit for linx86 platform / revenge-execve.c, v1.0 2006/10/14 16:32 Yet another linux execve shellcode.. linux/x86 execve"/bin//sh/","/bin//sh",NULL shellcode http://www.0xcafebabe.it But this time it's 22 bytes We could start the shellcode with a mov...
FreeBSD : hashcash -- heap overflow vulnerability (2be7c122-0614-11db-9156-000e0c2e438a)
Andreas Seltenreich reports that hashcash is prone to a heap overflow vulnerability. This vulnerability is caused by improper checking of memory allocations within the 'arraypush' function. An attacker could trigger this vulnerability by passing a lot of '-r' or '-j' flags from the command line,...
DEBIAN-CVE-2006-3251
Heap-based buffer overflow in the arraypush function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries...
linux/x86 execve(/bin/sh) + RIFF Header 28 bytes
No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RIFF Header - 28 bytes root@magicbox: file linux-sh-riffhdr.bin linux-sh-riffhdr.bin: RIFF little-endian data - izik [email protected] / char shellcode = // // RIFF Header 5 bytes // "\x52" // push %edx "\x49" // dec...
Design/Logic Flaw
The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...
CVE-2006-1365
The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...
CVE-2006-1365
The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...
linux/x86 execve/bin/sh / PUSH - 23 bytes
linux/x86 execve/bin/sh / PUSH - 23 bytes. Shellcode exploit for linx86 platform / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f...
linux/x86 execve(/bin/sh) / PUSH - 23 bytes
No description provided by source. / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik [email protected] / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f "\x68\x2f\x62\x69\x6e" // push...