148 matches found
GLSA-201701-52 : libupnp: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201701-52 libupnp: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libupnp. Please review the CVE identifiers referenced below for details. Impact : A remote attack could arbitrarily write files to a user...
MGASA-2017-0002 Updated libupnp packages fix security vulnerability
Scott Tenaglia discovered a heap buffer overflow vulnerability, that can lead to denial of service or remote code execution CVE-2016-8863...
Updated libupnp packages fix security vulnerability
Scott Tenaglia discovered a heap buffer overflow vulnerability, that can lead to denial of service or remote code execution CVE-2016-8863...
FreeBSD : upnp -- multiple vulnerabilities (244c8288-cc4a-11e6-a475-bcaec524bf84)
Matthew Garett reports : Reported this to upstream 8 months ago without response, so: libupnp's default behaviour allows anyone to write to your filesystem. Seriously. Find a device running a libupnp based server Shodan says there's rather a lot, and POST a file to /testfile. Then GET /testfile...
Debian DSA-3736-1 : libupnp - security update
Two vulnerabilities were discovered in libupnp, a portable SDK for UPnP devices. - CVE-2016-6255 Matthew Garret discovered that libupnp by default allows any user to write to the filesystem of the host running a libupnp-based server application. - CVE-2016-8863 Scott Tenaglia discovered a heap...
Debian DLA-747-1 : libupnp security update
Scott Tenaglia discovered a heap-based buffer overflow in libupnp, a portable SDK for UPnP Devices. That can lead to denial of service or remote code execution. For Debian 7 'Wheezy', these problems have been fixed in version 1:1.6.17-1.2+deb7u2. We recommend that you upgrade your libupnp package...
[SECURITY] [DLA 747-1] libupnp security update
Package : libupnp Version : 1:1.6.17-1.2+deb7u2 CVE ID : CVE-2016-8863 Debian Bug : 842093 Scott Tenaglia discovered a heap-based buffer overflow in libupnp, a portable SDK for UPnP Devices. That can lead to denial of service or remote code execution. For Debian 7 "Wheezy", these problems have be...
[SECURITY] [DSA 3736-1] libupnp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3736-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 16, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3736-1] libupnp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3736-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 16, 2016 https://www.debian.org/security/faq -...
DLA-747-1 libupnp - security update
Bulletin has no description...
DSA-3736-1 libupnp - security update
Bulletin has no description...
Debian Security Advisory DSA 3736-1 (libupnp - security update)
Two vulnerabilities were discovered in libupnp, a portable SDK for UPnP devices. CVE-2016-6255 Matthew Garret discovered that libupnp by default allows any user to write to the filesystem of the host running a libupnp-based server application. CVE-2016-8863 Scott Tenaglia discovered a heap buffer...
Debian: Security Advisory (DSA-3736-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libupnp Detection (UPnP)
UPnP based detection of libupnp. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.108015";...
libupnp Detection (HTTP)
HTTP based detection of libupnp. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.106376";...
MiCasa VeraLite Remote Code Execution Exploit
Exploit for hardware platform in category remote exploits Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platfor...
MiCasa VeraLite Remote Code Execution
Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platform: Hardware 1. Description A remote attacker can execute...
MiCasaVerde VeraLite - Remote Code Execution
Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platform: Hardware 1. Description A remote attacker can execute...
Old versions of the libupnp library security risk analysis-vulnerability warning-the black bar safety net
0x1 libupnp description libupnp is a Portable, Portable UPnP C language development package, UPnP is a network Protocol that allows the device to automatically search for and set. Libupnp to the latest version is 1. 6. 2 0, the compile time for 2 0 1 6 7 May 7, last version of 1. 6. 1 9, The...
Portable SDK for UPnP Devices (libupnp) HTTP Arbitrary File Write
The Portable SDK for UPnP Devices libupnp running on the remote host is affected by a flaw that is triggered when handling HTTP POST or GET requests. An unauthenticated, remote attacker can exploit this to write arbitrary files to the web server file system. C Tenable Network Security, Inc...