4 results (0.011 seconds)

CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 1

The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name. • http://affix.sourceforge.net/patch_btsrv_affix_2_1_2 http://affix.sourceforge.net/patch_btsrv_affix_3_2_0 http://marc.info/?l=bugtraq&m=112511370326063&w=2 http://secunia.com/advisories/16574 http://www.debian.org/security/2005/dsa-796 http://www.digitalmunition.com/DMA%5B2005-0826a%5D.txt http://www.securityfocus.com/bid/14672 https://exchange.xforce.ibmcloud.com/vulnerabilities/22034 •

CVSS: 10.0EPSS: 8%CPEs: 2EXPL: 1

Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command. Bluetooth FTP client (BTFTP) en Nokia Affix 2.1.2 y 3.2.0 permite que atacantes remotos ejecuten comandos arbitrarios mediante metacaracteres de shell en el argumento "filename" de un comando PUT. • https://www.exploit-db.com/exploits/25966 http://affix.sourceforge.net/affix_212_sec.patch http://affix.sourceforge.net/affix_320_sec.patch http://marc.info/?l=bugtraq&m=112119962704397&w=2 http://www.debian.org/security/2005/dsa-762 http://www.digitalmunition.com/DMA%5B2005-0712b%5D.txt http://www.securityfocus.com/bid/14232 •

CVSS: 7.5EPSS: 14%CPEs: 10EXPL: 1

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share. Desbordamiento de búfer en Bluetooth FTP client (BTFTP) en Nokia Affix 2.1.2 and 3.2.0 permite que atacantes remotos ejecuten código arbitrario mediante un nombre de fichero largo en un recurso compartido OBEX. • https://www.exploit-db.com/exploits/1081 http://affix.sourceforge.net/affix_212_sec.patch http://www.debian.org/security/2005/dsa-762 http://www.digitalmunition.com/DMA%5B2005-0712a%5D.txt http://www.securityfocus.com/bid/14230 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index. • https://www.exploit-db.com/exploits/926 http://affix.sourceforge.net/patch_hci_3_2_0 http://marc.info/?l=bugtraq&m=111445064725591&w=2 http://www.digitalmunition.com/DMA%5B2005-0423a%5D.txt •