GUPnP Message Handling Denial Of Service Vulnerability Network Vulnerability

Summary

This host has installed GUPnP is prone to Denial Of Service Vulnerability

Impact

Successful exploitation via specially crafted messages will allow attackers to run arbitrary code, crash the application and cause cause denial of service. Impact Level: System/Application

Solution

Upgrade to version 0.12.8 or later. http://www.gupnp.org/sources/

Insight

The flaw is due to an error when processing subscription or control messages with an empty content.

Affected

GUPnP Version 0.12.7 and prior.

References

http://secunia.com/advisories/35482
http://www.osvdb.org/55128
http://www.vupen.com/english/advisories/2009/1597

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2174

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
EtherApe RPC Packet Processing Denial of Service Vulnerability
Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Linux
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win

Take action and discover your vulnerabilities