ID CVE-2008-2374
Summary src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
References
Vulnerable Configurations
  • cpe:2.3:a:bluez:bluez-libs:-:*:*:*:*:*:*:*
    cpe:2.3:a:bluez:bluez-libs:-:*:*:*:*:*:*:*
  • cpe:2.3:a:bluez:bluez-libs:3.33:*:*:*:*:*:*:*
    cpe:2.3:a:bluez:bluez-libs:3.33:*:*:*:*:*:*:*
  • cpe:2.3:a:bluez:bluez-utils:-:*:*:*:*:*:*:*
    cpe:2.3:a:bluez:bluez-utils:-:*:*:*:*:*:*:*
  • cpe:2.3:a:bluez:bluez-utils:3.33:*:*:*:*:*:*:*
    cpe:2.3:a:bluez:bluez-utils:3.33:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 13-02-2024 - 16:09)
Impact:
Exploitability:
CWE CWE-1284
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
accepted 2013-04-29T04:23:48.149-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
family unix
id oval:org.mitre.oval:def:9973
status accepted
submitted 2010-07-09T03:56:16-04:00
title src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
version 30
redhat via4
advisories
bugzilla
id 452715
title CVE-2008-2374 bluez-libs: SDP payload processing vulnerability
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304025
    • OR
      • AND
        • comment bluez-libs is earlier than 0:2.10-3
          oval oval:com.redhat.rhsa:tst:20080581001
        • comment bluez-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080581002
      • AND
        • comment bluez-libs-devel is earlier than 0:2.10-3
          oval oval:com.redhat.rhsa:tst:20080581003
        • comment bluez-libs-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20080581004
      • AND
        • comment bluez-utils is earlier than 0:2.10-2.4
          oval oval:com.redhat.rhsa:tst:20080581005
        • comment bluez-utils is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070065002
      • AND
        • comment bluez-utils-cups is earlier than 0:2.10-2.4
          oval oval:com.redhat.rhsa:tst:20080581007
        • comment bluez-utils-cups is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070065004
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • comment bluez-libs is earlier than 0:3.7-1.1
          oval oval:com.redhat.rhsa:tst:20080581010
        • comment bluez-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080581011
      • AND
        • comment bluez-libs-devel is earlier than 0:3.7-1.1
          oval oval:com.redhat.rhsa:tst:20080581012
        • comment bluez-libs-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080581013
      • AND
        • comment bluez-utils is earlier than 0:3.7-2.2
          oval oval:com.redhat.rhsa:tst:20080581014
        • comment bluez-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080581015
      • AND
        • comment bluez-utils-cups is earlier than 0:3.7-2.2
          oval oval:com.redhat.rhsa:tst:20080581016
        • comment bluez-utils-cups is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080581017
rhsa
id RHSA-2008:0581
released 2008-07-14
severity Moderate
title RHSA-2008:0581: bluez-libs and bluez-utils security update (Moderate)
rpms
  • bluez-libs-0:2.10-3
  • bluez-libs-0:3.7-1.1
  • bluez-libs-debuginfo-0:2.10-3
  • bluez-libs-debuginfo-0:3.7-1.1
  • bluez-libs-devel-0:2.10-3
  • bluez-libs-devel-0:3.7-1.1
  • bluez-utils-0:2.10-2.4
  • bluez-utils-0:3.7-2.2
  • bluez-utils-cups-0:2.10-2.4
  • bluez-utils-cups-0:3.7-2.2
  • bluez-utils-debuginfo-0:2.10-2.4
  • bluez-utils-debuginfo-0:3.7-2.2
refmap via4
bid 30105
confirm http://www.bluez.org/bluez-334/
fedora
  • FEDORA-2008-6133
  • FEDORA-2008-6140
gentoo GLSA-200903-29
mandriva MDVSA-2008:145
mlist [bluez-devel] 20080616 SDP payload processing vulnerability
sectrack 1020479
secunia
  • 30957
  • 31057
  • 31833
  • 32099
  • 32279
  • 34280
suse SUSE-SR:2008:019
vupen ADV-2008-2096
Last major update 13-02-2024 - 16:09
Published 07-07-2008 - 23:41
Last modified 13-02-2024 - 16:09
Back to Top