Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2008-0581

Опубликовано: 14 июл. 2008
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2008-0581: bluez-libs and bluez-utils security update (MODERATE)

bluez-libs:

[3.7-1.1]

  • Fix CVE-2008-2374 Resolves: #452880

bluez-utils:

[3.7-2.2]

  • Add explicit versioned Requires and BuildRequires for new bluez-libs

[3.7-2.1]

  • Fix CVE-2008-2374 (#452715) SDP payload processing vulnerability

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

bluez-libs

3.7-1.1

bluez-libs-devel

3.7-1.1

bluez-utils

3.7-2.2

bluez-utils-cups

3.7-2.2

Oracle Linux x86_64

bluez-libs

3.7-1.1

bluez-libs-devel

3.7-1.1

bluez-utils

3.7-2.2

bluez-utils-cups

3.7-2.2

Oracle Linux i386

bluez-libs

3.7-1.1

bluez-libs-devel

3.7-1.1

bluez-utils

3.7-2.2

bluez-utils-cups

3.7-2.2

Связанные CVE

CVE-2008-2374

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2008-2374

CVSS3: 9.8
ubuntu
почти 17 лет назад

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.

redhat логотип

CVE-2008-2374

redhat
около 17 лет назад

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.

nvd логотип

CVE-2008-2374

CVSS3: 9.8
nvd
почти 17 лет назад

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.

debian логотип

CVE-2008-2374

CVSS3: 9.8
debian
почти 17 лет назад

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.3 ...

github логотип

GHSA-278x-6vg6-6g42

CVSS3: 9.8
github
около 3 лет назад

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.

Уязвимость ELSA-2008-0581