BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection

EDB-ID:

29471




Platform:

Linux

Date:

2007-11-16


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/22076/info

BlueZ hidd is prone to a device-command-injection vulnerability.

A remote attacker can exploit this issue to gain control of mouse and keyboard HIDs (human interface device). This will allow the attacker to interact with the targeted computer in the context of the currently logged-in user.

Versions prior to 2.25 are vulnerable. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/29471.tar.gz