174 matches found
USN-3298-1 miniupnpc vulnerability
It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library...
USN-3298-1: MiniUPnP vulnerability
It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library...
CVE-2017-8798
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
DEBIAN-CVE-2017-8798
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
CVE-2017-8798
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
CVE-2017-8798
CVE-2017-8798 concerns an integer signedness error in the MiniUPnP library (MiniUPnPc) used by miniupnpc. AffectedVersions: v1.4.20101221 through v2.0. Root cause: a signedness/bounds issue in the getHTTPResponse/miniwget path that parses chunked-encoded HTTP responses. Impact: remote attacker co...
CVE-2017-8798
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
UBUNTU-CVE-2017-8798
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
miniupnpc -- integer signedness error
Tintinweb reports: An integer signedness error was found in miniupnp's miniwget allowing an unauthenticated remote entity typically located on the local network segment to trigger a heap corruption or an access violation in miniupnp's http response parser when processing a specially crafted...
MiniUPnP Detection (UDP)
UDP based detection of MiniUPnP. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.108016";...
MiniUPnP Detection (TCP)
TCP based detection of MiniUPnP. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.108017";...
MiniUPnP DNS Rebind Vulnerability
The remote host is running a version of MiniUPnP that is affected by an unspecified flaw that exists in the Domain Name System DNS related to the 'rebinding' interaction. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted web page, to run a...
Cisco MiniUPnP Stack Smashing Protection Attack
The Internet of Things security challenge is twofold: finding bugs, and more urgent—fixing them. Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year. The...
MiniUPnP Client Buffer Overflow Vulnerability
MiniUPnP Client aka MiniUPnPc is a library developed by the MiniUPnP project that enables applications to forward ports using UPnP-enabled Internet gateway devices. A buffer overflow vulnerability exists in the 'IGDstartelt' function in the igddescparse.c file in versions of MiniUPnP Client prior...
CVE-2015-6031
Buffer overflow in the IGDstartelt function in igddescparse.c in the MiniUPnP client aka MiniUPnPc before 1.9.20150917 allows remote UPNP servers to cause a denial of service application crash and possibly execute arbitrary code via an "oversized" XML element name...
CVE-2015-6031
Buffer overflow in the IGDstartelt function in igddescparse.c in the MiniUPnP client aka MiniUPnPc before 1.9.20150917 allows remote UPNP servers to cause a denial of service application crash and possibly execute arbitrary code via an "oversized" XML element name...
CVE-2015-6031
CVE-2015-6031 : A buffer overflow exists in MiniUPnP Client (MiniUPnPc) in the IGDstartelt function within igd_desc_parse.c. Versions before 1.9.20150917 are affected, allowing remote UPNP servers to crash the application and potentially execute arbitrary code via an oversized XML element name. S...
CVE-2015-6031
Buffer overflow in the IGDstartelt function in igddescparse.c in the MiniUPnP client aka MiniUPnPc before 1.9.20150917 allows remote UPNP servers to cause a denial of service application crash and possibly execute arbitrary code via an "oversized" XML element name...
MGASA-2015-0416 Updated miniupnpc package fixes security vulnerability
An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this...
Updated miniupnpc package fixes security vulnerability
An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this...