Executive Summary
Summary | |
---|---|
Title | Multiple Bluetooth implementation vulnerabilities affect many devices |
Informations | |||
---|---|---|---|
Name | VU#240311 | First vendor Publication | 2017-09-12 |
Vendor | VU-CERT | Last vendor Modification | 2017-11-08 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 8.3 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 6.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#240311Multiple Bluetooth implementation vulnerabilities affect many devicesOverviewA collection of Bluetooth implementation vulnerabilities known as "BlueBorne" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in worst case allow an unauthenticated attacker to perform commands on the device. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThese vulnerabilities were publicly disclosed by Ben Seri and Gregory Vishnepolsky of Armis. Armis acknowledges Alon Livne for the Linux RCE (CVE-2017-1000251) exploit. This document was written by Garret Wassermann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/240311 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
43 % | CWE-200 | Information Exposure |
29 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
14 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
14 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-11-27 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-2685.nasl - Type : ACT_GATHER_INFO |
2018-01-15 | Name : The remote Fedora host is missing a security update. File : fedora_2017-77f991e537.nasl - Type : ACT_GATHER_INFO |
2017-12-14 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0174.nasl - Type : ACT_GATHER_INFO |
2017-12-14 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-3659.nasl - Type : ACT_GATHER_INFO |
2017-12-11 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0173.nasl - Type : ACT_GATHER_INFO |
2017-12-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-3658.nasl - Type : ACT_GATHER_INFO |
2017-12-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-3657.nasl - Type : ACT_GATHER_INFO |
2017-11-21 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZA-2017-086.nasl - Type : ACT_GATHER_INFO |
2017-11-16 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1245.nasl - Type : ACT_GATHER_INFO |
2017-11-03 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_4038781.nasl - Type : ACT_GATHER_INFO |
2017-10-27 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-914.nasl - Type : ACT_GATHER_INFO |
2017-10-23 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2793-1.nasl - Type : ACT_GATHER_INFO |
2017-10-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1176.nasl - Type : ACT_GATHER_INFO |
2017-10-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-2930-1.nasl - Type : ACT_GATHER_INFO |
2017-10-23 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2792-1.nasl - Type : ACT_GATHER_INFO |
2017-10-23 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2796-1.nasl - Type : ACT_GATHER_INFO |
2017-10-23 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2797-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2784-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2769-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2770-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2771-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2772-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2773-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2774-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2776-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2777-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2778-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2779-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2781-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2790-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2788-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2787-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2786-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2785-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2783-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2782-1.nasl - Type : ACT_GATHER_INFO |
2017-10-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2780-1.nasl - Type : ACT_GATHER_INFO |
2017-09-27 | Name : The remote Virtuozzo host is missing multiple security updates. File : Virtuozzo_VZA-2017-085.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2548-1.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0152.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0151.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-3622.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-3621.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote Fedora host is missing a security update. File : fedora_2017-e07d7fb18e.nasl - Type : ACT_GATHER_INFO |
2017-09-22 | Name : The remote Debian host is missing a security update. File : debian_DLA-1103.nasl - Type : ACT_GATHER_INFO |
2017-09-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3981.nasl - Type : ACT_GATHER_INFO |
2017-09-21 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2534-1.nasl - Type : ACT_GATHER_INFO |
2017-09-21 | Name : The remote Debian host is missing a security update. File : debian_DLA-1099.nasl - Type : ACT_GATHER_INFO |
2017-09-20 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-3620.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3422-1.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3420-2.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3420-1.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3419-2.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3419-1.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2523-1.nasl - Type : ACT_GATHER_INFO |
2017-09-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2521-1.nasl - Type : ACT_GATHER_INFO |
2017-09-18 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1062.nasl - Type : ACT_GATHER_INFO |
2017-09-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2017-258-01.nasl - Type : ACT_GATHER_INFO |
2017-09-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2017-258-02.nasl - Type : ACT_GATHER_INFO |
2017-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2017-7369ea045c.nasl - Type : ACT_GATHER_INFO |
2017-09-18 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-1063.nasl - Type : ACT_GATHER_INFO |
2017-09-15 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2459-1.nasl - Type : ACT_GATHER_INFO |
2017-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2732.nasl - Type : ACT_GATHER_INFO |
2017-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2731.nasl - Type : ACT_GATHER_INFO |
2017-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2705.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3972.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote device is affected by a remote code execution vulnerability. File : appletv_blueborne.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-2679.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote Fedora host is missing a security update. File : fedora_2017-fe95a5b88b.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2704.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2706.nasl - Type : ACT_GATHER_INFO |
2017-09-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2707.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2682.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-2681.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-2685.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-2679.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-2681.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-2685.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2679.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2680.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2681.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2683.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2685.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170912_bluez_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170912_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170912_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2017-09-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3413-1.nasl - Type : ACT_GATHER_INFO |
2017-09-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_4038782.nasl - Type : ACT_GATHER_INFO |
2017-09-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_4038783.nasl - Type : ACT_GATHER_INFO |
2017-09-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_4038788.nasl - Type : ACT_GATHER_INFO |
2017-09-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_4038792.nasl - Type : ACT_GATHER_INFO |
2017-09-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_win2008.nasl - Type : ACT_GATHER_INFO |
2017-09-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_sep_4038777.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-11-09 00:20:54 |
|
2017-10-18 17:19:48 |
|
2017-09-19 21:22:48 |
|
2017-09-19 00:22:31 |
|
2017-09-18 21:25:31 |
|
2017-09-18 21:22:50 |
|
2017-09-16 09:25:01 |
|
2017-09-14 00:22:42 |
|
2017-09-13 00:22:26 |
|