what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2015-6031

Status Candidate

Overview

Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.

Related Files

Gentoo Linux Security Advisory 201801-08
Posted Jan 8, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-8 - A vulnerability in MiniUPnPc might allow remote attackers to execute arbitrary code. Versions less than 2.0.20170509 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2015-6031
SHA-256 | 053ead498e8f21d494d13aa8af9d8f81816d53516a9a57b061381ce8c34d2bce
Debian Security Advisory 3379-1
Posted Oct 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3379-1 - Aleksandar Nikolic of Cisco Talos discovered a buffer overflow vulnerability in the XML parser functionality of miniupnpc, a UPnP IGD client lightweight library. A remote attacker can take advantage of this flaw to cause an application using the miniupnpc library to crash, or potentially to execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | cisco, linux, debian
advisories | CVE-2015-6031
SHA-256 | b0c1e115225f56b3ee6713291f81e268dbebd0fe866fb7b322cc0e08081268c8
Ubuntu Security Notice USN-2780-2
Posted Oct 24, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2780-2 - USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides the corresponding update for Ubuntu 15.10. Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-6031
SHA-256 | b07559135335bcf314f4f89008703d4bc96f9143e02bf9e7d4bb22f1b3335a91
Ubuntu Security Notice USN-2780-1
Posted Oct 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2780-1 - Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-6031
SHA-256 | afd5865ef1963ee7a26e07db611c821c91f0a869b605a50e748e72c46647c46f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close