Ubuntu Security Update USN-4542-1: MiniUPnPd vulnerabilities

LinuxBot

Member
Joined
Apr 25, 2017
Messages
30
Reaction score
10
Credits
0
It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. (CVE-2019-12107) It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. (CVE-2019-12108, CVE-2019-12109) It was discovered that MiniUPnPd incorrectly handled an empty description when port mapping. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. (CVE-2019-12110) It was discovered that MiniUPnPd did not properly parse certain PCP requests. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. (CVE-2019-12111)

Continue reading...
 

Members online


Top