Search criteria
4 vulnerabilities by bluez_project
CVE-2016-9918 (GCVE-0-2016-9918)
Vulnerability from cvelistv5 – Published: 2016-12-08 08:08 – Updated: 2024-08-06 03:07
VLAI?
Summary
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.spinics.net/lists/linux-bluetooth/msg68898.html"
},
{
"name": "95013",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95013"
},
{
"name": "openSUSE-SU-2019:1198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00054.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BlueZ 5.42, an out-of-bounds read was identified in \"packet_hexdump\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-12T12:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.spinics.net/lists/linux-bluetooth/msg68898.html"
},
{
"name": "95013",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95013"
},
{
"name": "openSUSE-SU-2019:1198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00054.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BlueZ 5.42, an out-of-bounds read was identified in \"packet_hexdump\" function in \"monitor/packet.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.spinics.net/lists/linux-bluetooth/msg68898.html",
"refsource": "MISC",
"url": "https://www.spinics.net/lists/linux-bluetooth/msg68898.html"
},
{
"name": "95013",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95013"
},
{
"name": "openSUSE-SU-2019:1198",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00054.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9918",
"datePublished": "2016-12-08T08:08:00",
"dateReserved": "2016-12-08T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6899 (GCVE-0-2006-6899)
Vulnerability from cvelistv5 – Published: 2007-01-08 20:00 – Updated: 2024-08-07 20:42
VLAI?
Summary
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:42:07.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "32830",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32830"
},
{
"name": "RHSA-2007:0065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0065.html"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "ADV-2007-0200",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0200"
},
{
"name": "23798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23798"
},
{
"name": "22076",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22076"
},
{
"name": "oval:org.mitre.oval:def:10208",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10208"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://mulliner.org/bluetooth/hidattack.php"
},
{
"name": "23879",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23879"
},
{
"name": "USN-413-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-413-1"
},
{
"name": "MDKSA-2007:014",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:014"
},
{
"name": "25264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25264"
},
{
"name": "23747",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23747"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "32830",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32830"
},
{
"name": "RHSA-2007:0065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0065.html"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "ADV-2007-0200",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0200"
},
{
"name": "23798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23798"
},
{
"name": "22076",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22076"
},
{
"name": "oval:org.mitre.oval:def:10208",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10208"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://mulliner.org/bluetooth/hidattack.php"
},
{
"name": "23879",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23879"
},
{
"name": "USN-413-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-413-1"
},
{
"name": "MDKSA-2007:014",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:014"
},
{
"name": "25264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25264"
},
{
"name": "23747",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23747"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf"
},
{
"name": "32830",
"refsource": "OSVDB",
"url": "http://osvdb.org/32830"
},
{
"name": "RHSA-2007:0065",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0065.html"
},
{
"name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded"
},
{
"name": "ADV-2007-0200",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0200"
},
{
"name": "23798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23798"
},
{
"name": "22076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22076"
},
{
"name": "oval:org.mitre.oval:def:10208",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10208"
},
{
"name": "http://mulliner.org/bluetooth/hidattack.php",
"refsource": "MISC",
"url": "http://mulliner.org/bluetooth/hidattack.php"
},
{
"name": "23879",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23879"
},
{
"name": "USN-413-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-413-1"
},
{
"name": "MDKSA-2007:014",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:014"
},
{
"name": "25264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25264"
},
{
"name": "23747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23747"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6899",
"datePublished": "2007-01-08T20:00:00",
"dateReserved": "2007-01-08T00:00:00",
"dateUpdated": "2024-08-07T20:42:07.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0670 (GCVE-0-2006-0670)
Vulnerability from cvelistv5 – Published: 2006-02-13 22:00 – Updated: 2024-08-07 16:41
VLAI?
Summary
Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113924625825488\u0026w=2"
},
{
"name": "MDKSA-2006:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:041"
},
{
"name": "23056",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23056"
},
{
"name": "18971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18971"
},
{
"name": "ADV-2006-0479",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0479"
},
{
"name": "DSA-990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-990"
},
{
"name": "18741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18741"
},
{
"name": "20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump 1.29 + PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424133/100/0/threaded"
},
{
"name": "USN-256-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-256-1"
},
{
"name": "hcidump-bluetooth-dos(24533)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24533"
},
{
"name": "465",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/465"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secuobs.com/news/05022006-bluetooth9.shtml#english"
},
{
"name": "19122",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113924625825488\u0026w=2"
},
{
"name": "MDKSA-2006:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:041"
},
{
"name": "23056",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23056"
},
{
"name": "18971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18971"
},
{
"name": "ADV-2006-0479",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0479"
},
{
"name": "DSA-990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-990"
},
{
"name": "18741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18741"
},
{
"name": "20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump 1.29 + PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424133/100/0/threaded"
},
{
"name": "USN-256-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-256-1"
},
{
"name": "hcidump-bluetooth-dos(24533)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24533"
},
{
"name": "465",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/465"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secuobs.com/news/05022006-bluetooth9.shtml#english"
},
{
"name": "19122",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=113924625825488\u0026w=2"
},
{
"name": "MDKSA-2006:041",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:041"
},
{
"name": "23056",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23056"
},
{
"name": "18971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18971"
},
{
"name": "ADV-2006-0479",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0479"
},
{
"name": "DSA-990",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-990"
},
{
"name": "18741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18741"
},
{
"name": "20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump 1.29 + PoC",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424133/100/0/threaded"
},
{
"name": "USN-256-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-256-1"
},
{
"name": "hcidump-bluetooth-dos(24533)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24533"
},
{
"name": "465",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/465"
},
{
"name": "http://www.secuobs.com/news/05022006-bluetooth9.shtml#english",
"refsource": "MISC",
"url": "http://www.secuobs.com/news/05022006-bluetooth9.shtml#english"
},
{
"name": "19122",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0670",
"datePublished": "2006-02-13T22:00:00",
"dateReserved": "2006-02-13T00:00:00",
"dateUpdated": "2024-08-07T16:41:28.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2547 (GCVE-0-2005-2547)
Vulnerability from cvelistv5 – Published: 2005-08-12 04:00 – Updated: 2024-08-07 22:30
VLAI?
Summary
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31\u0026r2=1.34"
},
{
"name": "16476",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16476"
},
{
"name": "DSA-782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-782"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=101557"
},
{
"name": "GLSA-200508-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200508-09.xml"
},
{
"name": "16453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16453"
},
{
"name": "14572",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14572"
},
{
"name": "[bluez-devel] 20050804 Possible security vulnerability in hcid when calling pin helper",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7893206\u0026forum_id=1881"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31\u0026r2=1.34"
},
{
"name": "16476",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16476"
},
{
"name": "DSA-782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-782"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=101557"
},
{
"name": "GLSA-200508-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200508-09.xml"
},
{
"name": "16453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16453"
},
{
"name": "14572",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14572"
},
{
"name": "[bluez-devel] 20050804 Possible security vulnerability in hcid when calling pin helper",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7893206\u0026forum_id=1881"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31\u0026r2=1.34",
"refsource": "CONFIRM",
"url": "http://cvs.sourceforge.net/viewcvs.py/bluez/utils/hcid/security.c?r1=1.31\u0026r2=1.34"
},
{
"name": "16476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16476"
},
{
"name": "DSA-782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-782"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=101557",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=101557"
},
{
"name": "GLSA-200508-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200508-09.xml"
},
{
"name": "16453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16453"
},
{
"name": "14572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14572"
},
{
"name": "[bluez-devel] 20050804 Possible security vulnerability in hcid when calling pin helper",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7893206\u0026forum_id=1881"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2547",
"datePublished": "2005-08-12T04:00:00",
"dateReserved": "2005-08-12T00:00:00",
"dateUpdated": "2024-08-07T22:30:01.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}