4 matches found
CVE-2005-2716
The CVE-2005-2716 issue concerns Nokia Affix (btsrv daemon) versions 2.1.2 and 3.2.0, where event_pin_code_request in btsrv.c allows remote command execution by supplying a Bluetooth device name containing shell metacharacters. Public advisories cite remote code execution via unsafe use of popen ...
CVE-2005-2277
Affected software: Affix Bluetooth FTP client (BTFTP) used in Nokia Affix 2.1.2 and 3.2.0. Description: CVE-2005-2277 describes a vulnerability where missing input sanitising before executing shell commands allows a remote attacker to run arbitrary commands via shell metacharacters in the filenam...
CVE-2005-2250
CVE-2005-2250 is a buffer overflow in Nokia Affix Bluetooth FTP client (BTFTP) affecting Affix versions 2.1.2 and 3.2.0, exploitable via a long filename in an OBEX file share to potentially execute arbitrary code. Debian/DSA-762-1 notes the issue as CAN-2005-2250 and CAN-2005-2277, with fixes pro...
CVE-2005-1294
The vulnerability CVE-2005-1294 affects the Affix Bluetooth Protocol Stack for Linux, specifically via affix_sock_register. A socket call with a negative protocol value is used as an array index, enabling a local attacker to gain privileges. The documents do not specify affected versions or exact...