Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2007:014: bluez-utils Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the bluez-utils package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2007:014 (bluez-utils).
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to
obtain control of the (1) Mouse and (2) Keyboard Human Interface Device
(HID) via a certain configuration of two HID (PSM) endpoints, operating
as a server, aka HidAttack.
hidd is not enabled by default on Mandriva 2006.0. This update adds the
--nocheck option (disabled by default) to the hidd binary, which
defaults to rejecting connections from unknown devices unless --nocheck
The updated packages have been patched to correct this problem
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:014
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.