GSD-2006-0212

Vulnerability from gsd - Updated: 2023-12-13 01:19
Details
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.
Aliases
Aliases
CVE-2006-0212
To clipboard 

{
  "GSD": {
    "alias": "CVE-2006-0212",
    "description": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push.",
    "id": "GSD-2006-0212"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0212"
      ],
      "details": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push.",
      "id": "GSD-2006-0212",
      "modified": "2023-12-13T01:19:50.405676Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-0212",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20060113 DMA[2006-0112a] - \u0027Toshiba Bluetooth Stack Directory Transversal\u0027",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"
          },
          {
            "name": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2",
            "refsource": "MISC",
            "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"
          },
          {
            "name": "16236",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/16236"
          },
          {
            "name": "ADV-2006-0184",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0184"
          },
          {
            "name": "18437",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18437"
          },
          {
            "name": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt",
            "refsource": "MISC",
            "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"
          },
          {
            "name": "22380",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/22380"
          },
          {
            "name": "20060113 DMA[2006-0112a] - \u0027Toshiba Bluetooth Stack Directory Transversal\u0027",
            "refsource": "FULLDISC",
            "url": "http://marc.info/?l=full-disclosure\u0026m=113712413907526\u0026w=2"
          },
          {
            "name": "1015486",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015486"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.00.23t",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0212"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"
            },
            {
              "name": "18437",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18437"
            },
            {
              "name": "16236",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/16236"
            },
            {
              "name": "22380",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/22380"
            },
            {
              "name": "1015486",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015486"
            },
            {
              "name": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2",
              "refsource": "MISC",
              "tags": [],
              "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"
            },
            {
              "name": "ADV-2006-0184",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0184"
            },
            {
              "name": "20060113 DMA[2006-0112a] - \u0027Toshiba Bluetooth Stack Directory Transversal\u0027",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://marc.info/?l=full-disclosure\u0026m=113712413907526\u0026w=2"
            },
            {
              "name": "20060113 DMA[2006-0112a] - \u0027Toshiba Bluetooth Stack Directory Transversal\u0027",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-19T15:43Z",
      "publishedDate": "2006-01-14T01:03Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.