4 matches found
Oracle Linux 8 : gssdp / and / gupnp (ELSA-2021-1789)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1789 advisory. gssdp 1.0.5-1 + gssdp-1.0.5-1 - Update to 1.0.5 - Fix SUBSCRIBE misbehaviour - Resolves: 1861928 gupnp 1.0.6-1 + gupnp-1.0.6-1 - Update to 1.0.6 - Fix SUBSCRIBE...
Updated minidlna packages fix security vulnerabilities
It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...
CVE-2020-12695
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...
CVE-2020-12695 "CallStranger"
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. Recent assessments: kevthehermit at June 0...