{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-12T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"name": "16236", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16236"}, {"name": "ADV-2006-0184", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"name": "18437", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18437"}, {"tags": ["x_refsource_MISC"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"name": "22380", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22380"}, {"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"name": "1015486", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015486"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0212", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"name": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2", "refsource": "MISC", "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"name": "16236", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16236"}, {"name": "ADV-2006-0184", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"name": "18437", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18437"}, {"name": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt", "refsource": "MISC", "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"name": "22380", "refsource": "OSVDB", "url": "http://www.osvdb.org/22380"}, {"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "refsource": "FULLDISC", "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"name": "1015486", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015486"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:25:34.002Z"}, "title": "CVE Program Container", "references": [{"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"name": "16236", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16236"}, {"name": "ADV-2006-0184", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"name": "18437", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18437"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"name": "22380", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/22380"}, {"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"name": "1015486", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015486"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0212", "datePublished": "2006-01-14T01:00:00", "dateReserved": "2006-01-14T00:00:00", "dateUpdated": "2024-08-07T16:25:34.002Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A7DCAC-2DF7-4EB1-B321-A1A331F32ED8", "versionEndIncluding": "4.00.23t", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.11:*:*:*:*:*:*:*", "matchCriteriaId": "E0A3CCBE-29F6-4833-9839-0CEAB0C33A2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.12:*:*:*:*:*:*:*", "matchCriteriaId": "6FB969B2-F6B7-48C0-9B4D-EC9F92944CA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.31a:*:*:*:*:*:*:*", "matchCriteriaId": "950ACF9E-0783-42E5-A804-18A9F26E038A", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.00.32:*:*:*:*:*:*:*", "matchCriteriaId": "E8D00C96-6DA5-453F-A7E2-694E0B83D68E", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.01.03:*:*:*:*:*:*:*", "matchCriteriaId": "9A2ACFAD-8406-4478-8D12-F4EC8684728C", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.10.00:*:*:*:*:*:*:*", "matchCriteriaId": "6160E18A-DE9C-4D0A-A901-BC2BB1CE3F26", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.00:*:*:*:*:*:*:*", "matchCriteriaId": "01049F3C-7EE1-4836-BF9C-C2CFE84A03D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.01:*:*:*:*:*:*:*", "matchCriteriaId": "484C6E65-24BA-4D07-8BD1-71384E63F41D", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.02:*:*:*:*:*:*:*", "matchCriteriaId": "083F6F9A-626B-4F7B-9804-3E97C0D8624F", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:3.20.04:*:*:*:*:*:*:*", "matchCriteriaId": "F031926C-3138-4D5E-81F4-ED34C95367C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.01t:*:*:*:*:*:*:*", "matchCriteriaId": "17E31608-3811-491C-9759-6F66D0B4C6E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:toshiba:bluetooth_stack:4.00.11:*:*:*:*:*:*:*", "matchCriteriaId": "611EB66B-01DA-43DE-8DFE-0D6F5AD0657A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en servicios OBEX Push en Toshiba Bluetooth Stack 4.00.23(T) y versiones anteriores permite a atacantes remotos subir archivos arbitrarios a localizaciones remotas arbitrarias especificadas por secuencias .. (punto punto), seg\u00fan lo demostrado por secuencias ..\\\\ en el argumento RFILE de ussp-push."}], "id": "CVE-2006-0212", "lastModified": "2024-11-21T00:05:56.153", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-01-14T01:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18437"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015486"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22380"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16236"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/0184"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18437"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/22380"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/16236"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0184"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}