174 matches found
Ubuntu: Security Advisory (USN-2780-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MiniUPnP library buffer overflow
Buffer overflow on network request processing...
USN-2780-2: MiniUPnP vulnerability
USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides the corresponding update for Ubuntu 15.10. Original advisory details: Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionalit...
Ubuntu 14.04 LTS : MiniUPnP vulnerability (USN-2780-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2780-1 advisory. Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a...
USN-2780-1 miniupnpc vulnerability
Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code with privileges of the user running an application that uses th...
USN-2780-1: MiniUPnP vulnerability
Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code with privileges of the user running an application that uses th...
miniupnpc: arbitrary code execution
An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this...
CVE-2015-6031
Buffer overflow in the IGDstartelt function in igddescparse.c in the MiniUPnP client aka MiniUPnPc before 1.9.20150917 allows remote UPNP servers to cause a denial of service application crash and possibly execute arbitrary code via an "oversized" XML element name...
MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow
Talos Vulnerability Report TALOS-2015-0035 MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow September 15, 2015 CVE Number CVE-2015-6031 Description An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted...
miniupnpc -- buffer overflow
Talos reports: An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigg...
MiniUPnP < 1.9 Multiple Vulnerabilities
According to its banner, the version of MiniUPnP running on the remote host is prior to 1.9. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw exists in the Domain Name System DNS related to the 'rebinding' interaction. An unauthenticated, remote attacker can...
DEBIAN-CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
Out-of-bounds
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2014-3985
CVE-2014-3985 affects the MiniUPnP library (MiniUPnPc/MiniUPnP 1.9) via the function getHTTPResponse in miniwget.c . A crafted header can trigger an out-of-bounds read, allowing remote attackers to cause a denial of service (crash). Multiple sources confirm the impact as a remote DoS and point to...
CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
UBUNTU-CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...