Android Bluetooth Stack Contact Information Disclosure Vulnerability
BID:51709
Info
Android Bluetooth Stack Contact Information Disclosure Vulnerability
| Bugtraq ID: | 51709 |
| Class: | Design Error |
| CVE: |
CVE-2011-4276 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 27 2012 12:00AM |
| Updated: | Jan 27 2012 12:00AM |
| Credit: | gcondra |
| Vulnerable: |
Open Handset Alliance Android 2.3.5 Open Handset Alliance Android 2.3.2 Open Handset Alliance Android 2.3.1 Open Handset Alliance Android 2.3.4 Open Handset Alliance Android 2.3 |
| Not Vulnerable: |
Open Handset Alliance Android 2.3.6 |
Discussion
Android Bluetooth Stack Contact Information Disclosure Vulnerability
Android is prone to an information-disclosure vulnerability that affects the bluetooth stack.
A remote attacker can exploit this issue to obtain potentially sensitive information from a target device. Information obtained may aid in further attacks.
Android versions prior to 2.3.6 are available.
Android is prone to an information-disclosure vulnerability that affects the bluetooth stack.
A remote attacker can exploit this issue to obtain potentially sensitive information from a target device. Information obtained may aid in further attacks.
Android versions prior to 2.3.6 are available.
Exploit / POC
Android Bluetooth Stack Contact Information Disclosure Vulnerability
Attackers can use readily available tools and commands to exploit this issue.
Attackers can use readily available tools and commands to exploit this issue.
Solution / Fix
Android Bluetooth Stack Contact Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references for more details.
Solution:
Updates are available. Please see the references for more details.