Computer Security
[EN] securityvulns.ru no-pyccku


bluez bluetooth stack memory corruption
Published:18.07.2008
Source:
SecurityVulns ID:9151
Type:remote
Threat Level:
5/10
Description:Memory corruption on SDP packet parsing.
Affected:BLUEZ : bluez 3.9
CVE:CVE-2008-2374 (src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.)
Original documentdocumentMANDRIVA, [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability (18.07.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod