CVE-2008-2374
high-risk
Published 2008-07-07
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
Do I need to act?
~
6.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Vendors
References (36)
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
Broken Link
http://secunia.com/advisories/30957
Broken Link
http://secunia.com/advisories/31057
Broken Link
http://secunia.com/advisories/31833
Broken Link
http://secunia.com/advisories/32099
Broken Link
http://secunia.com/advisories/32279
Broken Link
http://secunia.com/advisories/34280
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200903-29.xml
Product
http://www.bluez.org/bluez-334/
Broken Link
http://www.securityfocus.com/bid/30105
Broken Link
http://www.securitytracker.com/id?1020479
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
Broken Link
http://secunia.com/advisories/30957
and 16 more references
51
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
9/34 · Low
Exposure
10/34 · Low