Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2366

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-2366
Last Modified 05 Sep 2008 05:04:20
Published 15 May 2006 12:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2366

Summary

ircp_io.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session.

Vulnerable Systems

Application

  • Openobex 1.2


References

XF - openobex-ircp-file-overwrite(26686)

BID - 17921

SECUNIA - 20302

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366484


Last Updated: 27 May 2016 10:42:26