Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
BID:17185
Info
Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
| Bugtraq ID: | 17185 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2006 12:00AM |
| Updated: | Mar 22 2006 06:44PM |
| Credit: | Discovered by Kevin Finisterre. |
| Vulnerable: |
Motorola PEBL U6 |
| Not Vulnerable: | |
Discussion
Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
Motorola PEBL U6 devices are prone to a buffer-overflow vulnerability. This issue occurs when a malformed OBEX 'setpath()' argument is received. An attacker could exploit this vulnerability to cause the device to fail. Arbitrary code execution may be possible, but this has not been confirmed.
Motorola PEBL handsets are vulnerable to this issue; other handsets may also be affected.
Motorola PEBL U6 devices are prone to a buffer-overflow vulnerability. This issue occurs when a malformed OBEX 'setpath()' argument is received. An attacker could exploit this vulnerability to cause the device to fail. Arbitrary code execution may be possible, but this has not been confirmed.
Motorola PEBL handsets are vulnerable to this issue; other handsets may also be affected.
Exploit / POC
Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
Solution:
Motorola has reportedly addressed this issue, but Symantec could not confirmed this. Please contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Motorola has reportedly addressed this issue, but Symantec could not confirmed this. Please contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
References:
References:
- Motorola PEBL (Motorola)
- DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack' ("KF \(lists\)"