CVE-2006-0253 - Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Ne

CVE-2006-0253

Summary

Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Neighbors 2.50 Build 2500 and earlier allows remote attackers to execute arbitrary code via a long file name, as demonstrated via a long RFILE argument to ussp-push.

References

Vulnerable Configurations

cpe:2.3:a:ambicom:blue_neighbors:2.50_build_2500:*:*:*:*:*:*:*
cpe:2.3:a:ambicom:blue_neighbors:2.50_build_2500:*:*:*:*:*:*:*

CVSS

Base:	5.1 (as of 19-10-2018 - 15:43)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

bid	16258
bugtraq	20060120 DMA[2006-0115a] - 'AmbiCom Bluetooth Object Push Overflow'
misc	http://www.digitalmunition.com/DMA%5B2006-0115a%5D.txt
secunia	18466
sreason	366
vupen	ADV-2006-0219
xf	ambicom-bluetooth-objectpush-bo(24179)

Last major update

19-10-2018 - 15:43

Published

18-01-2006 - 01:51

Last modified

19-10-2018 - 15:43