|
Family: Ubuntu Local Security Checks --> Category: infos
USN256-1 : bluez-hcidump vulnerability Vulnerability Scan
Vulnerability Scan Summary bluez-hcidump vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "bluez-hcidump" is missing a security patch.
Description :
Pierre Betouin discovered a Denial of Service vulnerability in the
handling of the L2CAP (Logical Link Control and Adaptation Layer
Protocol) layer. By sending a specially crafted L2CAP packet through a
wireless Bluetooth connection, a remote attacker could crash hcidump.
Since hcidump is mainly a debugging tool, the impact of this flaw is
very low.
Solution :
Upgrade to :
- bluez-hcidump-1.23-0ubuntu1.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|