The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling.
References
Link | Resource |
---|---|
http://speirofr.appspot.com/files/advisory/SPADV-2016-02.md | Patch Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/03/16/13 | Mailing List Patch Third Party Advisory |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816759 | Issue Tracking Patch Third Party Advisory |
https://github.com/miniupnp/miniupnp/commit/140ee8d2204b383279f854802b27bdb41c1d5d1a | Issue Tracking Patch Third Party Advisory |
Configurations
History
19 Apr 2021, 15:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:miniupnp_project:minissdpd:1.2.20130907-3:*:*:*:*:*:*:* | |
CWE | CWE-416 |
Information
Published : 2017-03-24 15:59
Updated : 2023-12-10 12:01
NVD link : CVE-2016-3179
Mitre link : CVE-2016-3179
CVE.ORG link : CVE-2016-3179
JSON object : View
Products Affected
miniupnp_project
- minissdpd
CWE
CWE-416
Use After Free