PT-2005-4731 · Sobexsrv · Sobexsrv

Published: 2005-12-05 · Updated: 2018-10-19 · CVE-2005-3995

CVSS v2.0: 5.1 (Medium)

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Sobexsrv versions prior to 1.0.0-pre4

Description: A format string vulnerability exists in the dosyslog function within the OBEX server. It can be exploited when the syslog function is enabled, allowing remote attackers to execute arbitrary code by including format string specifiers in file name arguments to OBEX commands.

Recommendations: For Sobexsrv versions prior to 1.0.0-pre4, consider disabling the syslog function until a patch is available. Restrict access to the OBEX server to minimize the risk of exploitation. Avoid using the dosyslog function in the OBEX server until the issue is resolved.
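The bug class described above, as an added illustration that is not taken from the Sobexsrv source: a client-supplied file name must reach syslog() only as data behind a constant format, and names carrying conversion specifiers can be counted as a detection signal. All function names and the sample file name are hypothetical and constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Vulnerable pattern (kept as a comment so it is never compiled):
 *     syslog(LOG_INFO, name);      // name comes from the OBEX client
 * Every '%' conversion inside name is interpreted by syslog(). */

/* Count '%' conversions in a client-supplied name; "%%" is a literal
 * percent sign and is not counted. Usable as a detection signal. */
int count_format_specifiers(const char *name) {
    int n = 0;
    for (size_t i = 0; name[i] != '\0'; i++) {
        if (name[i] != '%') continue;
        if (name[i + 1] == '%') { i++; continue; }
        n++;
    }
    return n;
}

/* Build the log line with a constant format, so name is only ever data.
 * Returns the number of bytes stored in out (at most outlen - 1). */
int format_log_line(char *out, size_t outlen, const char *cmd, const char *name) {
    if (outlen == 0) return 0;
    int n = snprintf(out, outlen, "obex %s name=\"%s\" fmt_specifiers=%d",
                     cmd, name, count_format_specifiers(name));
    if (n < 0) { out[0] = '\0'; return 0; }
    return (size_t)n >= outlen ? (int)(outlen - 1) : n;
}

/* Hardened logging call: fixed "%s" format, pre-built line as argument. */
void log_obex_event(const char *cmd, const char *name) {
    char line[256];
    format_log_line(line, sizeof line, cmd, name);
    syslog(LOG_INFO, "%s", line);
}

int main(void) {
    /* Constructed sample input: a file name containing conversion specifiers. */
    log_obex_event("PUT", "report%x%x.txt");
    return 0;
}
```

Building with -Wformat -Wformat-security makes the compiler flag calls of the commented-out form, where a non-literal string is passed as the format argument.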


Related identifiers

CVE-2005-3995

Affected products

Sobexsrv