12 matches found
openSUSE Security Advisory (openSUSE-SU-2024:0093-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for minidlna (important)
openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2024:0093-1 Rating: important References: 1222007 Cross-References: CVE-2023-33476 CVSS scores: CVE-2023-33476 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP...
USN-6398-1: ReadyMedia vulnerabilities
It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks. A remote attacker could possibly use this issue to trick the local DLNA server to leak information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-26505 It was...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : ReadyMedia vulnerabilities (USN-6398-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6398-1 advisory. It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks. A remote attacker could possibly u...
Mageia: Security Advisory (MGASA-2023-0224)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0224 Updated minidlna packages fix security vulnerability
Out-of-bounds read/write due to buffer overflow CVE-2023-33476...
Debian DSA-5434-1 : minidlna - security update
The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5434 advisory. A heap-based buffer overflow vulnerability was found in the HTTP chunk parsing code of minidlna, a lightweight DLNA/UPnP-AV server, which may result in denial of...
[SECURITY] [DSA 5434-1] minidlna security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5434-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2023 https://www.debian.org/security/faq -...
CVE-2023-33476
ReadyMedia MiniDLNA versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the...
CVE-2023-33476
ReadyMedia MiniDLNA versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the...
CVE-2023-33476
ReadyMedia (MiniDLNA) vulnerable in versions 1.1.15–1.3.2 due to incorrect validation of HTTP chunked requests, causing a heap-based buffer overflow with out-of-bounds read/write. Impact includes potential exposure or compromise of data; advisories recommend upgrading to a newer release (Gentoo G...
CVE-2023-33476
ReadyMedia MiniDLNA versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the...