CVE-2016-3178

Опубликовано: 24 мар. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value.

Ссылки

http://speirofr.appspot.com/files/advisory/SPADV-2016-02.md
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/03/16/13
Mailing List
Patch
Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816759
Issue Tracking
Mailing List
Patch
Third Party Advisory
https://github.com/miniupnp/miniupnp/commit/b238cade9a173c6f751a34acf8ccff838a62aa47
Patch
Third Party Advisory
http://speirofr.appspot.com/files/advisory/SPADV-2016-02.md
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/03/16/13
Mailing List
Patch
Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816759
Issue Tracking
Mailing List
Patch
Third Party Advisory
https://github.com/miniupnp/miniupnp/commit/b238cade9a173c6f751a34acf8ccff838a62aa47
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:miniupnp_project:minissdpd:1.2.20130907-3:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00065

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2016-3178

CVSS3: 5.5

ubuntu

почти 9 лет назад

CVE-2016-3178

CVSS3: 5.5

debian

почти 9 лет назад

The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 ...

GHSA-xm64-phgg-mwc9

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 21%

0.00065

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125