CVE-2006-0212
First published: Sat Jan 14 2006(Updated: )
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Toshiba Bluetooth Stack | =3.00.11 | |
| Toshiba Bluetooth Stack | <=4.00.23t | |
| Toshiba Bluetooth Stack | =3.20.00 | |
| Toshiba Bluetooth Stack | =3.00.12 | |
| Toshiba Bluetooth Stack | =4.00.01t | |
| Toshiba Bluetooth Stack | =3.20.04 | |
| Toshiba Bluetooth Stack | =3.20.01 | |
| Toshiba Bluetooth Stack | =3.00.31a | |
| Toshiba Bluetooth Stack | =3.01.03 | |
| Toshiba Bluetooth Stack | =3.00.32 | |
| Toshiba Bluetooth Stack | =4.00.11 | |
| Toshiba Bluetooth Stack | =3.20.02 | |
| Toshiba Bluetooth Stack | =3.10.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt
- http://secunia.com/advisories/18437
- http://www.securityfocus.com/bid/16236
- http://www.osvdb.org/22380
- http://securitytracker.com/id?1015486
- http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2
- http://www.vupen.com/english/advisories/2006/0184
- http://marc.info/?l=full-disclosure&m=113712413907526&w=2
- http://www.securityfocus.com/archive/1/421993/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/event
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/toshiba
- canonical/toshiba bluetooth stack
- version/toshiba bluetooth stack/3.00.11
- version/toshiba bluetooth stack/4.00.23t
- version/toshiba bluetooth stack/3.20.00
- version/toshiba bluetooth stack/3.00.12
- version/toshiba bluetooth stack/4.00.01t
- version/toshiba bluetooth stack/3.20.04
- version/toshiba bluetooth stack/3.20.01
- version/toshiba bluetooth stack/3.00.31a
- version/toshiba bluetooth stack/3.01.03
- version/toshiba bluetooth stack/3.00.32
- version/toshiba bluetooth stack/4.00.11
- version/toshiba bluetooth stack/3.20.02
- version/toshiba bluetooth stack/3.10.00