CVE-2006-2366 Information

Description

ircp_io.c in libopenobex for ircp 1.2 when ircp is run with the -r option does not prompt the user when overwriting files which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366484 http://secunia.com/advisories/20302 http://www.securityfocus.com/bid/17921 https://exchange.xforce.ibmcloud.com/vulnerabilities/26686