Details of VAR-200512-0059

ID

VAR-200512-0059

CVE

CVE-2005-4417

TITLE

Widcomm Bluetooth for Windows Remote attack vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200512-459

DESCRIPTION

The default configuration of Widcomm Bluetooth for Windows (BTW) 4.0.1.1500 and earlier, as installed on Belkin Bluetooth Software 1.4.2 Build 10 and ANYCOM Blue USB-130-250 Software 4.0.1.1500, and possibly other devices, sets null Authentication and Authorization values, which allows remote attackers to send arbitrary audio and possibly eavesdrop using the microphone via the Hands Free Audio Gateway and Headset profile. Blue Usb-130-250 Software is prone to a remote security vulnerability

Trust: 1.26

sources: NVD: CVE-2005-4417 // BID: 88931 // VULHUB: VHN-15625

AFFECTED PRODUCTS

vendor:	widcomm	model:	bluetooth for windows	scope:	eq	version:	4.0.1.1500	Trust: 1.9
vendor:	anycom	model:	blue usb-130-250 software	scope:	eq	version:	4.0.1.1500	Trust: 1.9
vendor:	belkin	model:	bluetooth software	scope:	eq	version:	1.4.2_build_10	Trust: 1.0
vendor:	belkin	model:	bluetooth software build	scope:	eq	version:	1.4.210	Trust: 0.3

sources: BID: 88931 // CNNVD: CNNVD-200512-459 // NVD: CVE-2005-4417

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-4417
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200512-459
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-15625
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-4417
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-15625
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-15625 // CNNVD: CNNVD-200512-459 // NVD: CVE-2005-4417

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4417

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-459

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200512-459

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-15625

EXTERNAL IDS

db:	NVD	id:	CVE-2005-4417	Trust: 2.0
db:	CNNVD	id:	CNNVD-200512-459	Trust: 0.7
db:	BUGTRAQ	id:	20051216 DMA[2005-1214A] - 'WIDCOMM BTW - BLUETOOTH FOR WINDOWS REMOTE AUDIO EAVESDROPPING'	Trust: 0.6
db:	BID	id:	88931	Trust: 0.4
db:	SEEBUG	id:	SSVID-63302	Trust: 0.1
db:	EXPLOIT-DB	id:	1357	Trust: 0.1
db:	VULHUB	id:	VHN-15625	Trust: 0.1

sources: VULHUB: VHN-15625 // BID: 88931 // CNNVD: CNNVD-200512-459 // NVD: CVE-2005-4417

REFERENCES

url:	http://www.securityfocus.com/archive/1/419642/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/archive/1/419642/100/0/threaded	Trust: 0.9

sources: VULHUB: VHN-15625 // BID: 88931 // CNNVD: CNNVD-200512-459 // NVD: CVE-2005-4417

CREDITS

Unknown

Trust: 0.3

sources: BID: 88931

SOURCES

db:	VULHUB	id:	VHN-15625
db:	BID	id:	88931
db:	CNNVD	id:	CNNVD-200512-459
db:	NVD	id:	CVE-2005-4417

LAST UPDATE DATE

2024-08-14T14:35:41.719000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-15625	date:	2018-10-19T00:00:00
db:	BID	id:	88931	date:	2005-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200512-459	date:	2005-12-20T00:00:00
db:	NVD	id:	CVE-2005-4417	date:	2018-10-19T15:40:54.910

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-15625	date:	2005-12-20T00:00:00
db:	BID	id:	88931	date:	2005-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200512-459	date:	2005-12-20T00:00:00
db:	NVD	id:	CVE-2005-4417	date:	2005-12-20T11:03:00