Google Android Operating System 2.3 < 2.3.6 Information Disclosure

Medium Nessus Network Monitor Plugin ID 6297

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

Versions of Google Android operating system prior to 2.3.6 are affected by an information disclosure vulnerability. The bluetooth stack used by the Google Android operating system allows a physically proximate attacker to obtain contact information via AT phonebook transfer.

Solution

Upgrade to Google Android operating system version 2.3.6 or later.

See Also

http://code.google.com/p/android/issues/detail?id=21347

Plugin Details

Severity: Medium

ID: 6297

File Name: 6297.prm

Published: 2012/01/31

Modified: 2016/11/23

Dependencies: 5287

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2011/10/28

Vulnerability Publication Date: 2011/10/28

Reference Information

CVE: CVE-2011-4276

BID: 51709