CVE-2005-2250

Nokia Affix 2.1.2 and 3.2.0 - Buffer Overflow via Long Filename in OBEX File Share

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2250. PoCs published by Kevin Finisterre.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Nokia Affix btftp client (CVE-2005-2250) by crafting a malicious filename with shellcode to achieve remote code execution. The shellcode binds a shell to port 4444, allowing the attacker to gain root access.

Description

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kevin Finisterre · cremotehardware
https://www.exploit-db.com/exploits/1081

This exploit targets a buffer overflow vulnerability in Nokia Affix btftp client (CVE-2005-2250) by crafting a malicious filename with shellcode to achieve remote code execution. The shellcode binds a shell to port 4444, allowing the attacker to gain root access.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Nokia Affix btftp client version 2.1.1
No auth needed
Prerequisites: Bluetooth connectivity to the target device · Knowledge of the target's Bluetooth address · Ability to impersonate a trusted Bluetooth device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/14230
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2005/dsa-762

Scores

EPSS 0.1031
EPSS Percentile 95.1%

Details

Status published
Products (10)
nokia/affix 2.0
nokia/affix 2.0.1
nokia/affix 2.0.2
nokia/affix 2.1
nokia/affix 2.1.1
nokia/affix 2.1.2
nokia/affix 2.3.0
nokia/affix 3.0
nokia/affix 3.1
nokia/affix 3.2.0
Published Jul 13, 2005
Tracked Since Feb 18, 2026