Описание
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\ sequences in the RFILE argument of ussp-push.
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\ sequences in the RFILE argument of ussp-push.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0212
- http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2
- http://marc.info/?l=full-disclosure&m=113712413907526&w=2
- http://secunia.com/advisories/18437
- http://securitytracker.com/id?1015486
- http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt
- http://www.osvdb.org/22380
- http://www.securityfocus.com/archive/1/421993/100/0/threaded
- http://www.securityfocus.com/bid/16236
- http://www.vupen.com/english/advisories/2006/0184
EPSS
CVE ID
Связанные уязвимости
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push.
EPSS