OpenCVE

Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows Mobile

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_mobile:5.0:::::::*
	cpe:2.3:o:microsoft:windows_mobile:5.0::pocket_pc:::::
	cpe:2.3:o:microsoft:windows_mobile:5.0::smartphone:::::
	cpe:2.3:o:microsoft:windows_mobile:6.0:::::::*
	cpe:2.3:o:microsoft:windows_mobile:6.0::pro:::::
	cpe:2.3:o:microsoft:windows_mobile:6.0::standard:::::

No data.

References

Link	Providers
http://secunia.com/advisories/33598
http://securityreason.com/securityalert/4938
http://www.securityfocus.com/archive/1/500199/100/0/threaded
http://www.securityfocus.com/bid/33359
http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/48124

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-01-21T20:00:00

Updated: 2024-08-07T04:24:18.392Z

Reserved: 2009-01-21T00:00:00

Link: CVE-2009-0244

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2009-01-21T20:30:00.453

Modified: 2024-01-26T17:53:29.500

Link: CVE-2009-0244

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-01-19T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "33598", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33598"}, {"tags": ["x_refsource_MISC"], "url": "http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html"}, {"name": "20090119 Microsoft Bluetooth Stack OBEX Directory Traversal", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/500199/100/0/threaded"}, {"name": "4938", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4938"}, {"name": "33359", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33359"}, {"name": "winmobile-obexftp-directory-traversal(48124)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48124"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0244", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33598", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33598"}, {"name": "http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html", "refsource": "MISC", "url": "http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html"}, {"name": "20090119 Microsoft Bluetooth Stack OBEX Directory Traversal", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/500199/100/0/threaded"}, {"name": "4938", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4938"}, {"name": "33359", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33359"}, {"name": "winmobile-obexftp-directory-traversal(48124)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48124"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:24:18.392Z"}, "title": "CVE Program Container", "references": [{"name": "33598", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33598"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html"}, {"name": "20090119 Microsoft Bluetooth Stack OBEX Directory Traversal", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/500199/100/0/threaded"}, {"name": "4938", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4938"}, {"name": "33359", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33359"}, {"name": "winmobile-obexftp-directory-traversal(48124)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48124"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0244", "datePublished": "2009-01-21T20:00:00", "dateReserved": "2009-01-21T00:00:00", "dateUpdated": "2024-08-07T04:24:18.392Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "188596B9-7646-4841-B684-B224B48B3F15", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_mobile:5.0:*:pocket_pc:*:*:*:*:*", "matchCriteriaId": "923D7E31-E220-41C5-A8CE-2E9B5D1592A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_mobile:5.0:*:smartphone:*:*:*:*:*", "matchCriteriaId": "92EDBE39-3281-4CD0-9D33-1588C5D0A8A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "54F2E86B-81CA-45D7-94B4-048F0A01650C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_mobile:6.0:*:pro:*:*:*:*:*", "matchCriteriaId": "CFEFCF17-883B-4BCC-B507-389D1C58F454", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_mobile:6.0:*:standard:*:*:*:*:*", "matchCriteriaId": "E8239CB3-919E-4EEE-A694-DED5CCBA1F5A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el Servicio OBEX FTP en la pila de Microsoft Bluetooth en Windows Mobile 6 Professional, y probablemente Windows Mobile 5.0 para Pocket PC y 5.0 para Pocket PC Phone Edition, permite a usuarios remotamente autentificados listar directorios de su elecci\u00f3n y crear o leer archivos de su elecci\u00f3n mediante .. (punto punto) en un nombre de ruta. NOTA: esto se puede utilizar para ejecuci\u00f3n de c\u00f3digo escribiendo en una carpeta de Inicio (Startup)."}], "evaluatorImpact": "per: http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html\n\n\"Non vulnerable products: Windows Mobile devices 5.0 and 6 not using Microsoft Bluetooth Stack (for example: ASUS P525, ASUS P535, ... using Widcomm/Broadcom Bluetooth Stack)\"", "id": "CVE-2009-0244", "lastModified": "2024-01-26T17:53:29.500", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2009-01-21T20:30:00.453", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/33598"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/4938"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/500199/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/33359"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Exploit"], "url": "http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48124"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}