Motorola PEBL U6 and V600 OBEX buffer overflow
motorola-peblu6-v600-obex-bo (25401)
Description:
Motorola PEBL U6 and Motorola V600 cellular phones are vulnerable to a buffer overflow caused by improper bounds checking in the OBEX File Transfer service. By sending an overly long OBEX setpath() request, a remote attacker could overflow a buffer and possibly execute arbitrary code or cause the device to crash.
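The bounds checks whose absence this entry describes, shown as an added example (not Motorola firmware code and not part of the original advisory). It validates every length field of an OBEX SETPATH request before copying the Name header; the function name `setpath_name` and the 64-byte destination size are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define OBEX_OP_SETPATH 0x85  /* SETPATH opcode with the Final bit set */
#define OBEX_HDR_NAME   0x01  /* Name header: 2-byte length, UTF-16BE text */
#define PATH_MAX_BYTES  64    /* assumed size of the destination buffer */

/* Big-endian 16-bit read. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/*
 * Copy the Name header of a SETPATH request into out[PATH_MAX_BYTES].
 * Returns the number of name bytes copied (0 if there is no Name header),
 * or -1 if a length field is inconsistent or the name does not fit.
 */
int setpath_name(const uint8_t *pkt, size_t len, uint8_t out[PATH_MAX_BYTES])
{
    /* opcode(1) + packet length(2) + flags(1) + constants(1) */
    if (len < 5 || pkt[0] != OBEX_OP_SETPATH) return -1;
    if (be16(pkt + 1) != len) return -1;     /* declared vs. received size */

    size_t off = 5;
    while (off < len) {
        uint8_t hi = pkt[off];
        size_t hlen;
        switch (hi & 0xC0) {                 /* top two bits give the encoding */
        case 0x00: case 0x40:                /* length-prefixed headers */
            if (len - off < 3) return -1;
            hlen = be16(pkt + off + 1);
            if (hlen < 3) return -1;         /* length counts its own 3 bytes */
            break;
        case 0x80: hlen = 2; break;          /* 1-byte value */
        default:   hlen = 5; break;          /* 4-byte value */
        }
        if (hlen > len - off) return -1;     /* header runs past the packet */
        if (hi == OBEX_HDR_NAME) {
            size_t n = hlen - 3;
            if (n > PATH_MAX_BYTES) return -1;  /* reject, never truncate or overflow */
            memcpy(out, pkt + off + 3, n);
            return (int)n;
        }
        off += hlen;
    }
    return 0;
}
```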
Consequences:
Gain Access
Remedy:
No remedy available as of September 4, 2010.
References:
- Full-Disclosure Mailing List, Tue Mar 21 2006 - 17:33:19 CST: DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'.
- BID-17185: Motorola PEBL U6 OBEX Setpath Buffer Overflow Vulnerability
- CVE-2006-1366: Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service (device shutdown), and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer (aka FTP) service on Bluetooth channel 9.
- SA19319: Motorola Cellular Phones Security Dialog Spoofing Vulnerability
- VUPEN/ADV-2006-1045: Motorola Phones Buffer Overflow and Security Dialog Spoofing Vulnerabilities
Platforms Affected:
- Motorola PEBL U6
- Motorola V600
Reported:
Mar 22, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
