Ubuntu: Security Advisory (USN-4794-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0002)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4794-1: libupnp vulnerabilities

Matthew Garrett discovered that libupnp mishandled POST requests by default. An attacker could use this vulnerability to write files to arbitrary locations in the victim's filesystem, possibly as root. CVE-2016-6255 It was discovered that libupnp mishandled certain input. A remote attacker could...

Fedora 26 : libupnp (2017-23535a31f8)

miniserver: fix binding to ipv6 link-local addresses - Fix out-of-bound access in createurllist CVE-2016-8863 - If the error or info log files can not be created, use stderr and stdout instead. - SF Bug Tracker 132 CVE-2016-6255: write files via POST Note that Tenable Network Security has...

openSUSE Security Update : libupnp (openSUSE-2017-650)

This update to libupnp 1.6.21 fixes the following security issues : - various string handling issues bsc898167 - CVE-2016-8863: out-of-bounds access bsc1006256 - CVE-2016-6255: fix for file write via POST bsc989948 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Fedora Update for libupnp FEDORA-2017-3bd0b2e2c0

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3736-1 : libupnp - security update

Two vulnerabilities were discovered in libupnp, a portable SDK for UPnP devices. - CVE-2016-6255 Matthew Garret discovered that libupnp by default allows any user to write to the filesystem of the host running a libupnp-based server application. - CVE-2016-8863 Scott Tenaglia discovered a heap...

[SECURITY] [DLA 748-1] libupnp4 security update

Package : libupnp4 Version : 1.8.0svn20100507-1.2+deb7u1 CVE ID : CVE-2016-8863 Scott Tenaglia discovered a heap-based buffer overflow in libupnp4, a portable SDK for UPnP Devices. That can lead to denial of service or remote code execution. For Debian 7 "Wheezy", these problems have been fixed i...

[SECURITY] [DSA 3736-1] libupnp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3736-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 16, 2016 https://www.debian.org/security/faq -...

libupnp Heap Buffer Overflow Vulnerability

libupnp is prone to a heap buffer overflow vulnerability SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libupnpproject:libupnp";...