SB2013013104 - Multiple vulnerabilities in miniupnpd

Security Bulletin ID SB2013013104

Severity

High

Patch available

NO

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Stack-based buffer overflow (CVE-ID: CVE-2013-0230)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the ExecuteSoapAction function in the SOAPAction handler in the HTTP service when processing a long quoted method. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) NULL pointer dereference (CVE-ID: CVE-2013-1461)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230.

3) Input validation error (CVE-ID: CVE-2013-1462)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

SB2013013104 - Multiple vulnerabilities in miniupnpd

Breakdown by Severity

Description

Remediation

References

Please verify you're human