CVE-2006-1366

Name of the Vulnerable Software and Affected Versions Motorola PEBL U6 version 08.83.76R possibly other Motorola P2K-based phones (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service, potentially shutting down the device, and possibly execute arbitrary code. This is achieved by sending a long OBEX setpath to the OBEX File Transfer service, also known as FTP, on Bluetooth channel 9.

Recommendations For Motorola PEBL U6 version 08.83.76R: consider disabling the OBEX File Transfer service on Bluetooth channel 9 until a patch is available. For other Motorola P2K-based phones: restrict access to the OBEX File Transfer service on Bluetooth channel 9 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.