CVE-2006-0212

Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt	Exploit Vendor Advisory
http://secunia.com/advisories/18437	Vendor Advisory
http://www.securityfocus.com/bid/16236
http://www.osvdb.org/22380
http://securitytracker.com/id?1015486
http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2
http://www.vupen.com/english/advisories/2006/0184
http://marc.info/?l=full-disclosure&m=113712413907526&w=2
http://www.securityfocus.com/archive/1/421993/100/0/threaded

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack::::::::
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:::::::*

Information

Published : 2006-01-13 17:03

Updated : 2018-10-19 08:43

NVD link : CVE-2006-0212

Mitre link : CVE-2006-0212

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

toshiba

bluetooth_stack

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt", "name": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt", "tags": ["Exploit", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://secunia.com/advisories/18437", "name": "18437", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/16236", "name": "16236", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/22380", "name": "22380", "tags": [], "refsource": "OSVDB"}, {"url": "http://securitytracker.com/id?1015486", "name": "1015486", "tags": [], "refsource": "SECTRACK"}, {"url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2", "name": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2", "tags": [], "refsource": "MISC"}, {"url": "http://www.vupen.com/english/advisories/2006/0184", "name": "ADV-2006-0184", "tags": [], "refsource": "VUPEN"}, {"url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2", "name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": [], "refsource": "FULLDISC"}, {"url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded", "name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-0212", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-01-14T01:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.00.23t"}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-19T15:43Z"}