This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated bluez-utils packages that fix a security flaw are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The bluez-utils package contains Bluetooth daemons and utilities.
A flaw was found in the Bluetooth HID daemon (hidd). A remote attacker
would have been able to inject keyboard and mouse events via a
Bluetooth connection without any authorization. (CVE-2006-6899)
Note that Red Hat Enterprise Linux does not come with the Bluetooth
HID daemon enabled by default.
Users of bluez-utils are advised to upgrade to these updated packages,
which contains a backported patch to correct this issue.
See also :
Update the affected bluez-utils and / or bluez-utils-cups packages.
Risk factor :
Medium / CVSS Base Score : 5.4
Family: Red Hat Local Security Checks
Nessus Plugin ID: 25238 ()
CVE ID: CVE-2006-6899