CVE-2016-3178

Name of the Vulnerable Software and Affected Versions MiniSSDPd version 1.2.20130907-3

Description The issue concerns the processRequest function in minissdpd.c, which allows local users to cause a denial of service. This can be achieved through vectors involving a negative length value, resulting in out-of-bounds memory access and daemon crash.

Recommendations For MiniSSDPd version 1.2.20130907-3, as a temporary workaround, consider disabling the processRequest function until a patch is available. Restrict access to the minissdpd.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.