| ID |
CVE-2006-1366
|
| Summary |
Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service (device shutdown), and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer (aka FTP) service on Bluetooth channel 9. Arbitrary code execution may also be possible, but has not been confirmed. This vulnerability may affect other versions of Motorola P2K-based phones. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 7.8 (as of 18-10-2018 - 16:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| refmap
via4
|
| bid | 17185 | | bugtraq | 20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack' | | fulldisc | 20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack' | | misc | http://www.digitalmunition.com/DMA[2006-0321a].txt | | secunia | 19319 | | vupen | ADV-2006-1045 | | xf | motorola-peblu6-v600-obex-bo(25401) |
|
| Last major update |
18-10-2018 - 16:32 |
| Published |
23-03-2006 - 23:06 |
| Last modified |
18-10-2018 - 16:32 |
