Bug 187945 - (CVE-2006-0670) CVE-2006-0670 bluez-hcidump Denial of Service
CVE-2006-0670 bluez-hcidump Denial of Service
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity low
: ---
: ---
Assigned To: Red Hat Product Security
public=20060205,reported=20060205,sou...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-04 16:01 EDT by Josh Bressers
Modified: 2011-08-02 14:45 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-08-02 14:43:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2006-04-04 16:01:26 EDT
bluez-hcidump Denial of Service

http://www.secuobs.com/news/05022006-bluetooth10.shtml

"ubuntu: Pierre Betouin discovered a Denial of Service
vulnerability in the handling of the L2CAP (Logical Link
Control and Adaptation Layer Protocol) layer. By sending a
specially crafted L2CAP packet through a wireless Bluetooth
connection, a remote attacker could crash hcidump.  Since
hcidump is mainly a debugging tool, the impact of this flaw is
very low."

The patch is here:
http://cvs.sourceforge.net/viewcvs.py/bluez/hcidump/parser/l2cap.c?r1=1.51&r2=1.52&diff_format=u
Comment 1 Mark J. Cox (Product Security) 2007-08-21 07:23:16 EDT
moving to security response bug.  should we decide to fix this in a later update
for rhel4 we'll create appropriate tracking bugs with flags at that time.
Comment 3 Vincent Danen 2010-04-09 17:32:56 EDT
This issue is corrected in bluez-hcidump 1.32 as provided by Red Hat Enterprise Linux 5, and does not affect Red Hat Enterprise Linux 3.  The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw in Red Hat Enterprise Linux 4.

The above link no longer works; this updated link does:

http://bluez.cvs.sourceforge.net/viewvc/bluez/hcidump/parser/l2cap.c?r1=1.51&r2=1.52&view=patch
Comment 4 Josh Bressers 2011-08-02 14:43:06 EDT
Statement:

Red Hat no longer plans to fix this issue in Red Hat Enterprise Linux 4. This issue is corrected in bluez-hcidump 1.32 as provided by Red Hat Enterprise
Linux 5.

Note You need to log in before you can comment on or make changes to this bug.