Vulnerabilities > CVE-2005-3995 - Remote Format String vulnerability in Sobexsrv Dosyslog

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
sobexsrv
exploit available

Summary

Format string vulnerability in the dosyslog function in the OBEX server (obexsrv.c) for Sobexsrv before 1.0.0-pre4, when the syslog (-S) function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands.

Vulnerable Configurations

Part Description Count
Application
Sobexsrv
1

Exploit-Db

descriptionsobexsrv 1.0.0_pre3 Bluetooth syslog() Remote Format String Exploit. CVE-2005-3995. Remote exploit for linux platform
idEDB-ID:1355
last seen2016-01-31
modified2005-12-03
published2005-12-03
reporterKevin Finisterre
sourcehttps://www.exploit-db.com/download/1355/
titlesobexsrv 1.0.0_pre3 Bluetooth syslog Remote Format String Exploit