7 matches found
CVE-2015-6031
creationtimestamp| type| source ---|---|--- 2024-11-18 03:26:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113501822965987817 2024-11-18 03:29:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113501836193686265...
openSUSE Security Update : miniupnpc (openSUSE-2015-789)
MiniUPnP was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-6031: XML parser buffer overflow boo950759 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2015-6031
CVE-2015-6031 : A buffer overflow exists in MiniUPnP Client (MiniUPnPc) in the IGDstartelt function within igd_desc_parse.c. Versions before 1.9.20150917 are affected, allowing remote UPNP servers to crash the application and potentially execute arbitrary code via an oversized XML element name. S...
Updated miniupnpc package fixes security vulnerability
An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this...
[SECURITY] [DSA 3379-1] miniupnpc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3379-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 25, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3379-1] miniupnpc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3379-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 25, 2015 https://www.debian.org/security/faq -...
UBUNTU-CVE-2015-6031
Buffer overflow in the IGDstartelt function in igddescparse.c in the MiniUPnP client aka MiniUPnPc before 1.9.20150917 allows remote UPNP servers to cause a denial of service application crash and possibly execute arbitrary code via an "oversized" XML element name...