CVE-2006-0212
Summary
| CVE | CVE-2006-0212 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-01-14 01:03:00 UTC |
| Updated | 2018-10-19 15:43:00 UTC |
| Description | Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Toshiba | Bluetooth Stack | 3.00.11 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.12 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.31a | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.32 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.01.03 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.10.00 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.00 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.01 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.02 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.04 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 4.00.01t | All | All | All |
| Application | Toshiba | Bluetooth Stack | 4.00.11 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.11 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.12 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.31a | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.00.32 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.01.03 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.10.00 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.00 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.01 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.02 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 3.20.04 | All | All | All |
| Application | Toshiba | Bluetooth Stack | 4.00.01t | All | All | All |
| Application | Toshiba | Bluetooth Stack | 4.00.11 | All | All | All |
| Application | Toshiba | Bluetooth Stack | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| '[Full-disclosure] DMA[2006-0112a] - 'Toshiba Bluetooth Stack' - MARC | FULLDISC | marc.info | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| SecurityTracker.com Archives - Toshiba Bluetooth Stack Input Validation Holes Permit Directory Traversal Attacks | SECTRACK | securitytracker.com | |
| www.digitalmunition.com/DMA%5B2006-0112a%5D.txt | MISC | www.digitalmunition.com | Exploit, Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| 22380 | OSVDB | www.osvdb.org | |
| Toshiba Bluetooth Stack Object Push Service File Upload Directory Traversal Vulnerability | BID | www.securityfocus.com | |
| Driver Information | MISC | aps.toshiba-tro.de | |
| Toshiba Bluetooth Stack File Upload Directory Traversal - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.