UbuntuUSN-256-1bluez-hcidump vulnerability
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
94.8%
Releases
- Ubuntu 5.10
- Ubuntu 5.04
- Ubuntu 4.10
Details
Pierre Betouin discovered a Denial of Service vulnerability in the
handling of the L2CAP (Logical Link Control and Adaptation Layer
Protocol) layer. By sending a specially crafted L2CAP packet through a
wireless Bluetooth connection, a remote attacker could crash hcidump.
Since hcidump is mainly a debugging tool, the impact of this flaw is
very low.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 5.10 | noarch | bluez-hcidump | < * | UNKNOWN |
| Ubuntu | 5.04 | noarch | bluez-hcidump | < * | UNKNOWN |
| Ubuntu | 4.10 | noarch | bluez-hcidump | < * | UNKNOWN |
References
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
94.8%