ID CVE-2006-0670
Summary Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
References
Vulnerable Configurations
  • cpe:2.3:a:bluez_project:hcidump:1.29:*:*:*:*:*:*:*
    cpe:2.3:a:bluez_project:hcidump:1.29:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 19-10-2018 - 15:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bugtraq 20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump 1.29 + PoC
debian DSA-990
fulldisc 20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump
mandriva MDKSA-2006:041
misc http://www.secuobs.com/news/05022006-bluetooth9.shtml#english
osvdb 23056
secunia
  • 18741
  • 18971
  • 19122
sreason 465
ubuntu USN-256-1
vupen ADV-2006-0479
xf hcidump-bluetooth-dos(24533)
statements via4
contributor Mark J Cox
lastmodified 2006-09-19
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187945 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ This issue does not affect Red Hat Enterprise Linux 2.1 or 3.
Last major update 19-10-2018 - 15:45
Published 13-02-2006 - 22:02
Back to Top