CVE-2006-0212 - Vulnerability Details - OpenCVE

Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Toshiba	Bluetooth Stack

Configuration 1 [-]

OR	cpe:2.3:a:toshiba:bluetooth_stack::::::::
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:::::::*
	cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:::::::*

No data.

References

Link	Providers
http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2
http://marc.info/?l=full-disclosure&m=113712413907526&w=2
http://secunia.com/advisories/18437
http://securitytracker.com/id?1015486
http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt
http://www.osvdb.org/22380
http://www.securityfocus.com/archive/1/421993/100/0/threaded
http://www.securityfocus.com/bid/16236
http://www.vupen.com/english/advisories/2006/0184

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-01-14T01:00:00

Updated: 2024-08-07T16:25:34.002Z

Reserved: 2006-01-14T00:00:00

Link: CVE-2006-0212

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-01-14T01:03:00.000

Modified: 2024-11-21T00:05:56.153

Link: CVE-2006-0212

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-12T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"name": "16236", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16236"}, {"name": "ADV-2006-0184", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"name": "18437", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18437"}, {"tags": ["x_refsource_MISC"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"name": "22380", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22380"}, {"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"name": "1015486", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015486"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0212", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"name": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2", "refsource": "MISC", "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"name": "16236", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16236"}, {"name": "ADV-2006-0184", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"name": "18437", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18437"}, {"name": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt", "refsource": "MISC", "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"name": "22380", "refsource": "OSVDB", "url": "http://www.osvdb.org/22380"}, {"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "refsource": "FULLDISC", "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"name": "1015486", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015486"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:25:34.002Z"}, "title": "CVE Program Container", "references": [{"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"name": "16236", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16236"}, {"name": "ADV-2006-0184", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"name": "18437", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18437"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"name": "22380", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/22380"}, {"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"name": "1015486", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015486"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0212", "datePublished": "2006-01-14T01:00:00", "dateReserved": "2006-01-14T00:00:00", "dateUpdated": "2024-08-07T16:25:34.002Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A7DCAC-2DF7-4EB1-B321-A1A331F32ED8", "versionEndIncluding": "4.00.23t", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:*:*:*:*:*:*:*", "matchCriteriaId": "E0A3CCBE-29F6-4833-9839-0CEAB0C33A2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:*:*:*:*:*:*:*", "matchCriteriaId": "6FB969B2-F6B7-48C0-9B4D-EC9F92944CA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:*:*:*:*:*:*:*", "matchCriteriaId": "950ACF9E-0783-42E5-A804-18A9F26E038A", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:*:*:*:*:*:*:*", "matchCriteriaId": "E8D00C96-6DA5-453F-A7E2-694E0B83D68E", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:*:*:*:*:*:*:*", "matchCriteriaId": "9A2ACFAD-8406-4478-8D12-F4EC8684728C", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:*:*:*:*:*:*:*", "matchCriteriaId": "6160E18A-DE9C-4D0A-A901-BC2BB1CE3F26", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:*:*:*:*:*:*:*", "matchCriteriaId": "01049F3C-7EE1-4836-BF9C-C2CFE84A03D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:*:*:*:*:*:*:*", "matchCriteriaId": "484C6E65-24BA-4D07-8BD1-71384E63F41D", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:*:*:*:*:*:*:*", "matchCriteriaId": "083F6F9A-626B-4F7B-9804-3E97C0D8624F", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:*:*:*:*:*:*:*", "matchCriteriaId": "F031926C-3138-4D5E-81F4-ED34C95367C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:*:*:*:*:*:*:*", "matchCriteriaId": "17E31608-3811-491C-9759-6F66D0B4C6E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:*:*:*:*:*:*:*", "matchCriteriaId": "611EB66B-01DA-43DE-8DFE-0D6F5AD0657A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en servicios OBEX Push en Toshiba Bluetooth Stack 4.00.23(T) y versiones anteriores permite a atacantes remotos subir archivos arbitrarios a localizaciones remotas arbitrarias especificadas por secuencias .. (punto punto), seg\u00fan lo demostrado por secuencias ..\\\\ en el argumento RFILE de ussp-push."}], "id": "CVE-2006-0212", "lastModified": "2024-11-21T00:05:56.153", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-01-14T01:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18437"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015486"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22380"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16236"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18437"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/22380"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/16236"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0184"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}