Debian Security Advisory DSA 2615-1 (libupnp4 - several vulnerabilities)

Multiple stack-based buffer overflows were discovered in libupnp4, a library used for handling the Universal Plug and Play protocol. HD Moore from Rapid7 discovered that SSDP queries where not correctly handled by the uniqueservicename function. An attacker sending carefully crafted SSDP queries ...