Lucene search

K
cveRedhatCVE-2013-0229
HistoryJan 31, 2013 - 9:55 p.m.

CVE-2013-0229

2013-01-3121:55:01
redhat
web.nvd.nist.gov
67
cve-2013-0229
processssdprequest
miniupnp
miniupnpd
denial of service
buffer over-read
nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

Low

EPSS

0.972

Percentile

99.9%

The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

Affected configurations

Nvd
Node
miniupnp_projectminiupnpdRange1.3
OR
miniupnp_projectminiupnpdMatch1.0
OR
miniupnp_projectminiupnpdMatch1.1
OR
miniupnp_projectminiupnpdMatch1.2
VendorProductVersionCPE
miniupnp_projectminiupnpd*cpe:2.3:a:miniupnp_project:miniupnpd:*:*:*:*:*:*:*:*
miniupnp_projectminiupnpd1.0cpe:2.3:a:miniupnp_project:miniupnpd:1.0:*:*:*:*:*:*:*
miniupnp_projectminiupnpd1.1cpe:2.3:a:miniupnp_project:miniupnpd:1.1:*:*:*:*:*:*:*
miniupnp_projectminiupnpd1.2cpe:2.3:a:miniupnp_project:miniupnpd:1.2:*:*:*:*:*:*:*

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

Low

EPSS

0.972

Percentile

99.9%