The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://affix.sourceforge.net/patch_btsrv_affix_2_1_2 - Patch | |
References | () http://affix.sourceforge.net/patch_btsrv_affix_3_2_0 - Patch | |
References | () http://marc.info/?l=bugtraq&m=112511370326063&w=2 - | |
References | () http://secunia.com/advisories/16574/ - | |
References | () http://www.debian.org/security/2005/dsa-796 - | |
References | () http://www.digitalmunition.com/DMA%5B2005-0826a%5D.txt - Exploit, Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/14672 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22034 - |
Information
Published : 2005-08-29 20:14
Updated : 2024-11-21 00:00
NVD link : CVE-2005-2716
Mitre link : CVE-2005-2716
CVE.ORG link : CVE-2005-2716
JSON object : View
Products Affected
nokia
- affix
CWE