4 matches found
Mageia: Security Advisory (MGASA-2021-0319)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2021-0319 Updated libupnp packages fix a security vulnerability
The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp libupnp appears to be vulnerable to DNS rebinding attacks because it does not check the value of the 'Host' header. This can be mitigated by using DNS revolvers whic...
lipupnp < 1.14.6 DNS Rebind Vulnerability (GHSA-6hqq-w3jq-9fhg)
libupnp is prone to a DNS rebind vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-29462
The CVE-2021-29462 vulnerability affects the Portable SDK for UPnP Devices (libupnp). The server component fails to validate the Host header, enabling DNS rebinding attacks. Public advisories consistently state the issue is fixed in version 1.14.6 and later. Related OpenVAS/Mageia/Arch Linux entr...