Red Hat Security Advisory 2021-1789-01 - GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP.
0d15fc8159a2228c24e415032ab41c2ff7b6bc9c04ea5236cf30c530d6494763Debian Linux Security Advisory 4898-1 - Several vulnerabilities have been discovered in wpa_supplicant and hostapd.
beda0161fb6dbecc5fa406f217cd58f29ad375739b5e967ada8225791a6d7572Ubuntu Security Notice 4734-2 - USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that wpa_supplicant did not properly handle P2P group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. Various other issues were also addressed.
49410830b0c8b8841b939879c09f65434aed797cf17da754ead53d148a5e865fUbuntu Security Notice 4734-1 - It was discovered that wpa_supplicant did not properly handle P2P group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. Various other issues were also addressed.
da5ea348150c757a77c57580c53d55f823503da3fdee08a9926dcaf7bc16522cUbuntu Security Notice 4722-1 - It was discovered that ReadyMedia allowed subscription requests with a delivery URL on a different network segment than the fully qualified event-subscription URL. An attacker could use this to hijack smart devices and cause denial of service attacks. It was discovered that ReadyMedia allowed remote code execution. A remote attacker could send a malicious UPnP HTTP request to the service using HTTP chunked encoding and cause a denial of service.
03d575da1c0b2b220f45e07d15a6203a0a90208c813d66c4c2d55abf176f9e73Debian Linux Security Advisory 4806-1 - It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server could result in the execution of arbitrary code. In addition minidlna was susceptible to the "CallStranger" UPnP vulnerability.
b7b80b0f3734909dfe21dcae6fd31eabfe56df3eb643835d5ebe4c724d7a784fUbuntu Security Notice 4494-1 - It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks.
d3875434bb5b4c21a1998c33ca3377de59ad32d63e34614ddb94c1795d6e9839The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. This tool checks for the vulnerability.
74417ee5e3a7179a22e86e5d705efe713b327750125d3e74e051f826677f640c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed