PT-2016-3934 · Blueman+1 · Blueman+1

The Grugq

Published

2015-10-11

Updated

2019-01-17

CVE-2015-8612

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Blueman versions prior to 2.0.3

Description The issue allows local users to gain privileges. It is related to the EnableNetwork method in the Network class. The dhcp handler argument is involved in the issue.

Recommendations For versions prior to 2.0.3, update to version 2.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the EnableNetwork method in the Network class until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

ALT-PU-2015-1855

CVE-2015-8612

DSA-3427-1

MGASA-2015-0491

Affected Products

Alt Linux

Blueman

PT-2016-3934 · Blueman+1 · Blueman+1

CVE-2015-8612

Weakness Enumeration

Related Identifiers

Affected Products

References · 25