Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1365

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1365
Last Modified 10 Sep 2008 04:09:03
Published 23 Mar 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1365

Summary

The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices (aka Device History), and possibly obtain AT level access to the target device, by initiating and interrupting an OBEX Push Profile that pretends to send a vCard, aka a "HeloMoto" attack.

Vulnerable Systems


References

BUGTRAQ - 20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'

MISC - http://www.digitalmunition.com/DMA[2006-0321a].txt

MISC - http://trifinite.org/trifinite_stuff_helomoto.html


Last Updated: 27 May 2016 10:42:02