Mandriva: Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability


 
Posted: 07-15-2008

LinuxSecurity.com: An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used in the BlueZ Bluetooth utilities. A Bluetooth device with an already-trusted relationship, or a local user registering a service record via a UNIX socket or D-Bus interface, could cause a crash and potentially execute arbitrary code with the privileges of the hcid daemon (CVE-2008-2374). The updated packages have been patched to correct this issue.

BTHOST(1)                 BSD General Commands Manual                BTHOST(1)

NAME
     bthost -- look up Bluetooth host names and Protocol Service Multiplexor
     values

SYNOPSIS
     bthost [-bhp] host_or_protocol

DESCRIPTION
     The bthost utility looks for information about Bluetooth hosts and
     Protocol Service Multiplexor (PSM) values. It gets this information from
     the /etc/bluetooth/hosts and /etc/bluetooth/protocols files.

     In host mode, it simply converts between the host names and Bluetooth
     addresses. The argument can be either a host name or a Bluetooth address.
     The program first attempts to interpret it as a Bluetooth address. If
     this fails, it will treat it as a host name. A Bluetooth address consists
     of six hex bytes separated by a colon, e.g., ``01:02:03:04:05:06''. A
     host name consists of names separated by dots, e.g., ``my.cell.phone''.

     In protocol mode, it simply converts between the Protocol Service
     Multiplexor names and assigned numbers. The argument can be either a
     Protocol Service Multiplexor name or an assigned number. The program
     first attempts to interpret it as an assigned number.

     The options are as follows:

     -b      Produce brief output.

     -h      Display usage message and exit.

     -p      Activate protocol mode.

     The bthost utility will print results to the standard output, and error
     messages to the standard error. An output can be quite different, here is
     an example that demonstrates all of the possibilities:

           % bthost localhost
           Host localhost has address FF:FF:FF:00:00:00
           % bthost ff:ff:ff:00:00:00
           Host FF:FF:FF:00:00:00 has name localhost
           % bthost -b localhost
           FF:FF:FF:00:00:00
           % bthost -b ff:ff:ff:00:00:00
           localhost
           % bthost do.not.exists
           do.not.exists: Unknown host
           % bthost 0:0:0:0:0:0
           00:00:00:00:00:00: Unknown host
           % bthost -p sdp
           Protocol/Service Multiplexor sdp has number 1
           % bthost -p 3
           Protocol/Service Multiplexor rfcomm has number 3
           % bthost -bp HID-Control
           17
           % bthost -p foo
           foo: Unknown Protocol/Service Multiplexor

FILES
     /etc/bluetooth/hosts
     /etc/bluetooth/protocols

EXIT STATUS
     The bthost utility exits 0 on success, and >0 if an error occurs.

SEE ALSO
     bluetooth(3), bluetooth.hosts(5), bluetooth.protocols(5)

AUTHORS
     Maksim Yevmenkin <m_evmenkin@yahoo.com>

BSD                               May 8, 2003                              BSD