ID CVE-2013-0229
Summary The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.
References
Vulnerable Configurations
  • MiniUPnP Project MiniUPnPd 1.3
    cpe:2.3:a:miniupnp_project:miniupnpd:1.3
  • MiniUPnP Project MiniUPnPd 1.2
    cpe:2.3:a:miniupnp_project:miniupnpd:1.2
  • MiniUPnP Project MiniUPnPd 1.1
    cpe:2.3:a:miniupnp_project:miniupnpd:1.1
  • MiniUPnP Project MiniUPnPd 1.0
    cpe:2.3:a:miniupnp_project:miniupnpd:1.0
CVSS
Base: 7.8 (as of 08-10-2015 - 10:17)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
exploit-db via4
  • description MiniUPnP Multiple Denial of Service Vulnerabilities. CVE-2013-0229. Dos exploits for multiple platform
    id EDB-ID:38249
    last seen 2016-02-04
    modified 2012-01-28
    published 2012-01-28
    reporter Rapid7
    source https://www.exploit-db.com/download/38249/
    title MiniUPnP Multiple Denial of Service Vulnerabilities
  • description INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service. CVE-2013-0229,CVE-2013-0230. Dos exploit for hardware platform
    id EDB-ID:37517
    last seen 2016-02-04
    modified 2015-07-07
    published 2015-07-07
    reporter Todor Donev
    source https://www.exploit-db.com/download/37517/
    title INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service
metasploit via4
nessus via4
NASL family Gain a shell remotely
NASL id MINIUPNPD_1_4.NASL
description According to its banner, the version of MiniUPnP running on the remote host is prior to 1.4. It is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error exists in the ProcessSSDPRequest() function in file minissdp.c that allows an unauthenticated, remote attacker to cause a denial of service condition via a specially crafted M-SEARCH request. (CVE-2013-0229) - A stack-based buffer overflow condition exists in the ExecuteSoapAction() function in the SOAPAction handler, due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a long quoted method, to cause a denial of service condition or the execution of arbitrary code. (CVE-2013-0230)
last seen 2019-02-21
modified 2018-11-15
plugin id 64377
published 2013-01-31
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=64377
title MiniUPnP < 1.4 Multiple Vulnerabilities
packetstorm via4
refmap via4
misc
the hacker news via4
id THN:E067CA1FBC7C95B306C9F3F8A9615CEA
last seen 2017-01-08
modified 2013-01-29
published 2013-01-29
reporter Mohit Kumar
source http://thehackernews.com/2013/01/security-flaws-in-upnp-protocol-put-50.html
title Security Flaws in UPnP protocol put 50 million devices at risk
Last major update 08-10-2015 - 10:34
Published 31-01-2013 - 16:55
Back to Top