PT-2013-2172 · Miniupnp · Miniupnpd
Hd Moore
·
Publicado
2013-01-31
·
Atualizado
2015-10-08
·
CVE-2013-0229
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
MiniUPnPd versions prior to 1.4
Description
The issue is related to the ProcessSSDPRequest function in the SSDP handler, which can be exploited by remote attackers to cause a denial of service. This is achieved by sending a crafted request that triggers a buffer over-read, resulting in the service crashing.
Recommendations
For versions prior to 1.4, update to version 1.4 or later to resolve the issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Miniupnpd