Your message dated Mon, 1 Jun 2009 17:40:04 +0200
with message-id <[email protected]>
and subject line Re: Bug#408889: [Pkg-bluetooth-maintainers] Bug#408889:
CVE-2006-6899: bluez-utils: HID Insecure Device Connection Vulnerability
has caused the Debian Bug report #408889,
regarding CVE-2006-6899: bluez-utils: HID Insecure Device Connection
Vulnerability
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
408889: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408889
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: bluez-utils
Version: 2.15-1.1
Severity: important
Tags: security
Hi,
Maybe the bluez-utils version 2.15-1.1 is vulnerable.
Description:
The vulnerability is caused due to the HID host accepting device
connections without authentication. This can be exploited to insert a
new device (e.g. keyboard, mouse) and take control of the affected
system.
Reference:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6899
http://www.securityfocus.com/archive/1/archive/1/455889/100/0/threaded
Note:
Please mention the CVE id in the changelog.
Thanks in advanced.
regards,
--
.''`.
: :' : Alex de Oliveira Silva | enerv
`. `' www.enerv.net
`-
--- End Message ---
--- Begin Message ---
On Mon, Apr 14, 2008 at 06:52:52PM +0200, Filippo Giunchedi wrote:
> On Wed, Jan 31, 2007 at 12:26:03PM +0100, Filippo Giunchedi wrote:
> > thanks!
> > I'm CC security to see if it is the case for a security upload
>
> AFAIK security support for oldstable has terminated, I am then inclined to
> close
> this bug if that is ok.
I'm closing this old bug that applies to really ancient version of bluez (2.x)
filippo
--
Filippo Giunchedi - http://esaurito.net - 0x6B79D401
Recursion is the root of computation since it trades description for time.
-- Alan Perlis
--- End Message ---
