35 matches found
EUVD-2017-18327
Malware in sbrugna...
EUVD-2017-18318
Malware in sbrugna...
EUVD-2017-18317
Malware in sbrugna...
CentOS 7 : gupnp (RHSA-2021:2417)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2417 advisory. - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to...
NewStart CGSL CORE 5.05 / MAIN 5.05 : gupnp Vulnerability (NS-SA-2022-0036)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gupnp packages installed that are affected by a vulnerability: - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to...
openSUSE 15 Security Update : gupnp (openSUSE-SU-2021:2153-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2153-1 advisory. - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this...
Security update for gupnp (important)
openSUSE Security Update: Security update for gupnp Announcement ID: openSUSE-SU-2021:2153-1 Rating: important References: 1186590 Cross-References: CVE-2021-33516 CVSS scores: CVE-2021-33516 NVD : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2021-33516 SUSE: 9.4...
Updated gupnp packages fix a security vulnerability
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...
Amazon Linux 2 : gupnp (ALAS-2021-1673)
The version of gupnp installed on the remote host is prior to 1.0.2-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1673 advisory. A flaw was found in gupnp. DNS rebinding can occur when a victim's browser is used by a remote web server to trigger actions against...
openSUSE 15 Security Update : gupnp (openSUSE-SU-2021:0917-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:0917-1 advisory. - An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this...
OPENSUSE-SU-2021:0917-1 Security update for gupnp
This update for gupnp fixes the following issues: - CVE-2021-33516: Fixed a DNS rebinding, which could trick the browser into triggering actions against local UPnP services bsc1186590. This update was imported from the SUSE:SLE-15-SP2:Update update project...
Security update for gupnp (important)
openSUSE Security Update: Security update for gupnp Announcement ID: openSUSE-SU-2021:0917-1 Rating: important References: 1186590 Cross-References: CVE-2021-33516 CVSS scores: CVE-2021-33516 NVD : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2021-33516 SUSE: 9.4...
Important: Red Hat Security Advisory: gupnp security update
An update for gupnp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services
A flaw was found in gupnp. DNS rebinding can occur when a victim's browser is used by a remote web server to trigger actions against local UPnP services including data exfiltration, data tempering, and other exploits. The highest threat from this vulnerability is to data confidentiality and...
CentOS 8 : gupnp (CESA-2021:2363)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2363 advisory. - gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services CVE-2021-33516 Note that Nessus has not...
RHEL 7 : gupnp (RHSA-2021:2417)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2417 advisory. GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API...
Oracle Linux 7 : gupnp (ELSA-2021-2417)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2417 advisory. 1.0.2-6 + gupnp-1.0.3-3 - Fix DNS rebind issue - Resolves: 1964706 Tenable has extracted the preceding description block directly from the Oracle Linux security...
gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services
A flaw was found in gupnp. DNS rebinding can occur when a victim's browser is used by a remote web server to trigger actions against local UPnP services including data exfiltration, data tempering, and other exploits. The highest threat from this vulnerability is to data confidentiality and...
Important: Red Hat Security Advisory: gupnp security update
An update for gupnp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: gupnp security update
GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. Security Fixes: gupnp: allows DNS rebinding which could result in tricking browser into...