Lucene search
PRIOn knowledge basePRION:CVE-2016-6255HistoryMar 07, 2017 - 4:59 p.m.
Design/Logic Flaw
2017-03-0716:59:00
PRIOn knowledge base
www.prio-n.com
6
Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| libupnp | le | 1.6.20 |
References
www.debian.org/security/2016/dsa-3736
www.openwall.com/lists/oss-security/2016/07/18/13
www.openwall.com/lists/oss-security/2016/07/20/5
www.securityfocus.com/bid/92050
github.com/mjg59/pupnp-code/commit/be0a01bdb83395d9f3a5ea09c1308a4f1a972cbd
security.gentoo.org/glsa/201701-52
sourceforge.net/p/pupnp/code/ci/master/tree/ChangeLog
twitter.com/mjg59/status/755062278513319936
www.exploit-db.com/exploits/40589/
www.tenable.com/security/research/tra-2017-10
Related
debian
debian
[SECURITY] [DLA 597-1] libupnp security update
2016-08-18 00:12:51
[SECURITY] [DSA 3736-1] libupnp security update
2016-12-16 13:01:43
[SECURITY] [DSA 3736-1] libupnp security update
2016-12-16 13:01:43
cve
cve
CVE-2016-6255
2017-03-07 16:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0266)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-597-1)
2023-03-08 00:00:00
libupnp Unhandled POST Write Vulnerability
2016-07-27 00:00:00
archlinux
archlinux
libupnp: arbitrary filesystem access
2016-08-08 00:00:00
nvd
nvd
CVE-2016-6255
2017-03-07 16:59:00
osv
osv
CVE-2016-6255
2017-03-07 16:59:00
libupnp - security update
2016-12-16 00:00:00
libupnp vulnerabilities
2021-03-15 21:15:46
nessus
nessus
Debian DLA-597-1 : libupnp security update
2016-08-18 00:00:00
Portable SDK for UPnP Devices (libupnp) HTTP Arbitrary File Write
2016-08-30 00:00:00
Ubuntu 16.04 ESM : libupnp vulnerabilities (USN-4794-1)
2023-10-23 00:00:00
debiancve
debiancve
CVE-2016-6255
2017-03-07 16:59:00
mageia
mageia
Updated libupnp packages fix security vulnerability
2016-07-27 00:59:16
cvelist
cvelist
CVE-2016-6255
2017-03-07 16:00:00
ubuntucve
ubuntucve
CVE-2016-6255
2017-03-07 00:00:00
gentoo
gentoo
libupnp: Multiple vulnerabilities
2017-01-23 00:00:00
exploitpack
exploitpack
MiCasaVerde VeraLite - Remote Code Execution
2016-10-20 00:00:00
packetstorm
packetstorm
MiCasa VeraLite Remote Code Execution
2016-10-21 00:00:00
ubuntu
ubuntu
libupnp vulnerabilities
2021-03-15 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: libupnp-1.6.21-1.fc24
2017-03-13 23:53:43
[SECURITY] Fedora 25 Update: libupnp-1.6.21-1.fc25
2017-03-10 15:24:08
[SECURITY] Fedora 26 Update: libupnp-1.6.21-1.fc26
2017-04-01 17:42:11
freebsd
freebsd
upnp -- multiple vulnerabilities
2016-02-23 00:00:00
zdt
zdt
MiCasa VeraLite Remote Code Execution Exploit
2016-10-22 00:00:00
exploitdb
exploitdb
MiCasaVerde VeraLite - Remote Code Execution
2016-10-20 00:00:00