RHEL 4 : bluez-utils (RHSA-2007:0065)
Medium Nessus Plugin ID 25238
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionUpdated bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
The bluez-utils package contains Bluetooth daemons and utilities.
A flaw was found in the Bluetooth HID daemon (hidd). A remote attacker would have been able to inject keyboard and mouse events via a Bluetooth connection without any authorization. (CVE-2006-6899)
Note that Red Hat Enterprise Linux does not come with the Bluetooth HID daemon enabled by default.
Users of bluez-utils are advised to upgrade to these updated packages, which contains a backported patch to correct this issue.
SolutionUpdate the affected bluez-utils and / or bluez-utils-cups packages.