logo
DATABASE RESOURCES PRICING ABOUT US

AlmaLinux 8 : gssdp and gupnp (ALSA-2021:1789)

Description

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1789 advisory. - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event- subscription URL, aka the CallStranger issue. (CVE-2020-12695) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related