Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2277

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-2277
Last Modified 10 Sep 2008 03:41:45
Published 15 Jul 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2277

Summary

Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.

Vulnerable Systems

Application

  • Nokia Affix 2.1.2

  • Nokia Affix 3.2.0


References

MISC - http://www.digitalmunition.com/DMA[2005-0712b].txt

BID - 14232

DEBIAN - DSA-762

BUGTRAQ - 20050712 MA[2005-0712b] - 'Nokia Affix Bluetooth btsrv/btobex poor use of system()

CONFIRM - http://affix.sourceforge.net/affix_320_sec.patch

CONFIRM - http://affix.sourceforge.net/affix_212_sec.patch


Last Updated: 27 May 2016 10:40:28