Lucene search
PRIOn knowledge basePRION:CVE-2015-6031HistoryNov 02, 2015 - 7:59 p.m.
Buffer overflow
2015-11-0219:59:00
PRIOn knowledge base
www.prio-n.com
8
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an “oversized” XML element name.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 12.04 | |
| ubuntu_linux | eq | 14.04 | |
| ubuntu_linux | eq | 15.04 | |
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 7.0 | |
| miniupnpc | le | 1.9 | |
| miniupnpc | eq | 1.9 | |
| miniupnpc | eq | 1.9 | |
| miniupnpc | eq | 1.9 | |
| miniupnpc | eq | 1.9 |
References
lists.opensuse.org/opensuse-updates/2015-11/msg00122.html
talosintel.com/reports/TALOS-2015-0035/
www.debian.org/security/2015/dsa-3379
www.securityfocus.com/bid/77306
www.ubuntu.com/usn/USN-2780-1
www.ubuntu.com/usn/USN-2780-2
github.com/miniupnp/miniupnp/blob/master/miniupnpc/Changelog.txt
github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
security.gentoo.org/glsa/201801-08
Related
gentoo
gentoo
MiniUPnPc: Arbitrary code execution
2018-01-07 00:00:00
nessus
nessus
GLSA-201801-08 : MiniUPnPc: Arbitrary code execution
2018-01-08 00:00:00
Ubuntu 15.10 : miniupnpc vulnerability (USN-2780-2)
2015-10-23 00:00:00
Debian DSA-3379-1 : miniupnpc - security update
2015-10-26 00:00:00
debian
debian
[SECURITY] [DSA 3379-1] miniupnpc security update
2015-10-25 12:38:19
[SECURITY] [DSA 3379-1] miniupnpc security update
2015-10-25 12:38:19
cvelist
cvelist
CVE-2015-6031
2015-11-02 19:00:00
threatpost
threatpost
Cisco MiniUPnP Stack Smashing Protection Attack
2016-01-27 11:00:28
archlinux
archlinux
miniupnpc: arbitrary code execution
2015-10-18 00:00:00
cve
cve
CVE-2015-6031
2015-11-02 19:59:14
freebsd
freebsd
miniupnpc -- buffer overflow
2015-09-15 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0416)
2015-11-08 00:00:00
Ubuntu: Security Advisory (USN-2780-2)
2015-10-26 00:00:00
Debian: Security Advisory (DSA-3379-1)
2015-10-24 00:00:00
securityvulns
securityvulns
MiniUPnP library buffer overflow
2015-10-25 00:00:00
[USN-2780-2] MiniUPnP vulnerability
2015-10-25 00:00:00
nvd
nvd
CVE-2015-6031
2015-11-02 19:59:14
debiancve
debiancve
CVE-2015-6031
2015-11-02 19:59:14
talos
talos
MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow
2015-09-15 00:00:00
ubuntu
ubuntu
MiniUPnP vulnerability
2015-10-23 00:00:00
MiniUPnP vulnerability
2015-10-20 00:00:00
ubuntucve
ubuntucve
CVE-2015-6031
2015-10-16 00:00:00
mageia
mageia
Updated miniupnpc package fixes security vulnerability
2015-10-30 23:11:10