OpenOBEX IRCP Arbitrary File Overwrite Vulnerability

OpenOBEX's ircp utility is susceptible to a remote file-overwrite vulnerability. This issue is due to the application's failure to verify the absence of a destination file before creating one during file transfers.

This issue allows remote attackers to overwrite arbitrary files with arbitrary data. This may aid in further attacks.

OpenOBEX version 1.2 is vulnerable to this issue; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus