Debian DLA-1103-1 : bluez security update (BlueBorne)
Low Nessus Plugin ID 103390
SynopsisThe remote Debian host is missing a security update.
DescriptionThe SDP server in BlueZ is vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
For Debian 7 'Wheezy', these problems have been fixed in version 4.99-2+deb7u1.
We recommend that you upgrade your bluez packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected packages.