• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Nokia Affix BTFTP Client Filename Remote Buffer Overflow Vulnerability

The Nokia Affix btftp client software is prone to a remote client-side buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks that are performed on filename data before this data is copied into a finite memory buffer.

This issue may be exploited by an attacker that is under control of an OBEX File Transfer server, to execute arbitrary code in the context of the affected clients that connect to the malicious server, and request a directory listing.