Lucene search
K

174 matches found

OpenVAS
OpenVAS
added 2015/10/26 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-2780-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.04783EPSS
Exploits1References2
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.156 views

MiniUPnP library buffer overflow

Buffer overflow on network request processing...

6.8CVSS3.8AI score0.04783EPSS
Exploits1References1Affected Software1
Ubuntu
Ubuntu
added 2015/10/23 6:7 a.m.56 views

USN-2780-2: MiniUPnP vulnerability

USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides the corresponding update for Ubuntu 15.10. Original advisory details: Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionalit...

6.8CVSS8.1AI score0.04783EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/10/21 12:0 a.m.26 views

Ubuntu 14.04 LTS : MiniUPnP vulnerability (USN-2780-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2780-1 advisory. Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a...

6.8CVSS8.2AI score0.04783EPSS
Exploits1References2
OSV
OSV
added 2015/10/20 9:49 p.m.2 views

USN-2780-1 miniupnpc vulnerability

Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code with privileges of the user running an application that uses th...

6.8CVSS7.7AI score0.04783EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2015/10/20 9:49 p.m.58 views

USN-2780-1: MiniUPnP vulnerability

Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code with privileges of the user running an application that uses th...

6.8CVSS8.1AI score0.04783EPSS
Exploits1
ArchLinux
ArchLinux
added 2015/10/18 12:0 a.m.40 views

miniupnpc: arbitrary code execution

An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this...

6.8CVSS7.1AI score0.04783EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2015/10/16 12:0 a.m.25 views

CVE-2015-6031

Buffer overflow in the IGDstartelt function in igddescparse.c in the MiniUPnP client aka MiniUPnPc before 1.9.20150917 allows remote UPNP servers to cause a denial of service application crash and possibly execute arbitrary code via an "oversized" XML element name...

6.8CVSS7.3AI score0.04783EPSS
Exploits1References4
Talos
Talos
added 2015/09/15 12:0 a.m.57 views

MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow

Talos Vulnerability Report TALOS-2015-0035 MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow September 15, 2015 CVE Number CVE-2015-6031 Description An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted...

6.8CVSS7.3AI score0.04783EPSS
Exploits1
FreeBSD
FreeBSD
added 2015/09/15 12:0 a.m.44 views

miniupnpc -- buffer overflow

Talos reports: An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigg...

6.8CVSS7.4AI score0.04783EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/01/21 12:0 a.m.179 views

MiniUPnP < 1.9 Multiple Vulnerabilities

According to its banner, the version of MiniUPnP running on the remote host is prior to 1.9. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw exists in the Domain Name System DNS related to the 'rebinding' interaction. An unauthenticated, remote attacker can...

6.4AI score
Exploits0References1
OSV
OSV
added 2014/09/11 6:55 p.m.2 views

DEBIAN-CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS6.5AI score0.03312EPSS
Exploits1References1
NVD
NVD
added 2014/09/11 6:55 p.m.19 views

CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS6.3AI score0.03312EPSS
Exploits1References7
OSV
OSV
added 2014/09/11 6:55 p.m.7 views

CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

6.7AI score
Exploits0References15
Prion
Prion
added 2014/09/11 6:55 p.m.27 views

Out-of-bounds

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS7AI score0.03312EPSS
Exploits1References7Affected Software2
Cvelist
Cvelist
added 2014/09/11 6:0 p.m.19 views

CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

6.2AI score0.03312EPSS
Exploits1References7
CVE
CVE
added 2014/09/11 6:0 p.m.87 views

CVE-2014-3985

CVE-2014-3985 affects the MiniUPnP library (MiniUPnPc/MiniUPnP 1.9) via the function getHTTPResponse in miniwget.c . A crafted header can trigger an out-of-bounds read, allowing remote attackers to cause a denial of service (crash). Multiple sources confirm the impact as a remote DoS and point to...

5CVSS6.4AI score0.03312EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2014/09/11 6:0 p.m.26 views

CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS6.1AI score0.03312EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/06/09 12:0 a.m.31 views

CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS5.9AI score0.03312EPSS
Exploits1References3
OSV
OSV
added 2014/06/09 12:0 a.m.5 views

UBUNTU-CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS5.8AI score0.03312EPSS
Exploits1References4
Rows per page
Query Builder