Mandriva: Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability

07-15-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Mandriva: Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability

LinuxSecurity.com: An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used in the Bluez bluetooth utilities. A bluetooth device with an already-trusted relationship, or a local user registering a service record via a UNIX socket or D-Bus interface, could cause a crash and potentially execute arbitrary code with the privileges of the hcid daemon (CVE-2008-2374). The updated packages have been patched to correct this issue.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

anyRemote(1) General Commands Manual anyRemote(1) NAME
anyremote - control PC with Bluetooth/Wi-Fi cell phone .br SYNOPSIS
anyremote [-f file] [-s connect string] [-log] [-a] [-fe port] [-http] [-u username] [-name SDP service name] [-password] anyremote -h|-v .br DESCRIPTION
The overall goal of this project is to provide remote control service on Linux through Bluetooth, Wi-Fi or just TCP/IP connection. anyRemote supports wide range of modern cell phones like Nokia, HTC, SonyEricsson, Motorola and others. It was developed as thin "communication" layer between Bluetooth (IR, Wi-Fi)-capabled phone and Linux, and in theory could be configured to manage almost any software. anyRemote is console application, but in addition there are GUI front-ends for Gnome and KDE. OPTIONS
-h print short help and exit -v print version number and exit -f /path/to/configuration/file By default anyremote will try to find and use $HOME/.anyremote.cfg, then ./.anyremote.cfg. It is possible to specify configuration file directly with -f option. -s connect string where connect string can be one of: bluetooth:_channel_ (Server mode - bluetooth connection) socket:_port_ (Server mode - TCP/IP connection) web:_port_ (Server mode - Web interface) local:/dev/ircommX (Server mode - IR connection) rfcomm:XX:XX:XX:XX:XX:XX:CC (AT mode - bluetooth connection, where XX:XX:XX:XX:XX:XX is bluetooth device address and CC is channel number - integer from 1 to 32) /dev/ttyACM# (AT mode - cable connection) /dev/ircomm# (AT mode - IR connection) ilirc:_AF_LOCAL socket file_ (use with inputlircd) stdin -log print verbose logging information to $HOME/.anyRemote/anyremote.log -a reconnect automatically in case of connection failure, used only in AT-mode -fe _port_ Work as backend for GUI frontend. Use specified port to connect to frontend. -name SDP_service_name if bluetooth connection is used, allows one to specify SDP service name. Default value for SDP service name is "anyRemote" -password If this option is specified, then anyRemote will ask the client for the password. Password phrase should be stored in $HOME/.anyRemote/password file in plain text. -u|--user _username_ if started from root, allows one to set effective user ID to specified user .br AUTHORS
Mikhail Fedotov anyremote@mail.ru http://anyremote.sf.net .br BUGS
If you find any bugs, please report to anyremote@mail.ru .br LICENCE
This is free software. You may redistribute copies of it under the terms of the GNU General Public License http://www.gnu.org/licenses/gpl.html. There is NO WARRANTY, to the extent permitted by law. May 11, 2012 anyRemote(1)

Security Advisories (RSS)

Mandriva: Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability

LEARN ABOUT DEBIAN

anyremote