[Pkg-bluetooth-maintainers] Bug#408889: CVE-2006-6899: bluez-utils:
HID Insecure Device Connection Vulnerability
Alex de Oliveira Silva
enerv at host.sk
Sun Jan 28 23:49:52 UTC 2007
Package: bluez-utils
Version: 2.15-1.1
Severity: important
Tags: security
Hi,
Maybe the bluez-utils version 2.15-1.1 is vulnerable.
Description:
The vulnerability is caused due to the HID host accepting device
connections without authentication. This can be exploited to insert a
new device (e.g. keyboard, mouse) and take control of the affected
system.
Reference:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6899
http://www.securityfocus.com/archive/1/archive/1/455889/100/0/threaded
Note:
Please mention the CVE id in the changelog.
Thanks in advanced.
regards,
--
.''`.
: :' : Alex de Oliveira Silva | enerv
`. `' www.enerv.net
`-
More information about the Pkg-bluetooth-maintainers
mailing list