|
|
CVE Reference: CVE-2006-0212 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0212 |
|
|
Description: Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push. |
|
|
CVE Status: Candidate |
|
|
References: ST 1015486 SAID Secunia Advisory: SA18437 OSVDB 22380 MISC http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2 http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt FULLDISC http://marc.theaimsgroup.com/?l=full-disclosure&m=113712413907526&w=2 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/421993/100/0/threaded BID 16236 |
|
| Return to the previous page. |
