• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

BlueZ HIDD Bluetooh HID Command Injection Vulnerability

Bugtraq ID:	22076
Class:	Access Validation Error
CVE:	CVE-2006-6899
Remote:	Yes
Local:	No
Published:	Jan 16 2007 12:00AM
Updated:	May 14 2007 11:28PM
Credit:	Collin Mulliner is credited with the discovery of this issue.
Vulnerable:	Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux Desktop version 4 MandrakeSoft Linux Mandrake 2006.0 x86_64 MandrakeSoft Linux Mandrake 2006.0 BlueZ BlueZ 2.19 BlueZ BlueZ 2.15 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 BlueZ BlueZ 2.11 BlueZ BlueZ 1.24 BlueZ BlueZ 1.23 BlueZ BlueZ 1.17 BlueZ BlueZ 1.16 BlueZ BlueZ 1.12 BlueZ BlueZ 1.5 BlueZ BlueZ 2.20
Not Vulnerable:	BlueZ BlueZ 2.25 BlueZ BlueZ 3.8