MiniUPnPc: Buffer overflow

2017-01-17T00:00:00
ID GLSA-201701-41
Type gentoo
Reporter Gentoo Foundation
Modified 2017-01-17T00:00:00

Description

Background

UPnP client library and a simple UPnP client.

Description

An out-of-bounds read was discovered in the getHTTPResponse function in miniwget.c in MiniUPnPc.

Impact

Remote attackers, through specially crafted headers, could cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All MiniUPnPc users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-libs/miniupnpc-1.9.20150427"