This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Portable Sdk For Upnp Project First view 2013-01-31
Product Portable Sdk For Upnp Last view 2013-01-31
Version 1.6.3 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:portable_sdk_for_upnp_project:portable_sdk_for_upnp

Activity : Overall

Related : CVE

  Date Alert Description
10 2013-01-31 CVE-2012-5960

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka upnp:rootdevice) field in a UDP packet.

10 2013-01-31 CVE-2012-5959

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka uuid) field within a string that contains a :: (colon colon) in a UDP packet.

CWE : Common Weakness Enumeration

%idName
100% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Snort® IPS/IDS

Date Description
2014-01-10 libupnp command buffer overflow attempt
RuleID : 25620 - Type : SERVER-OTHER - Revision : 4
2014-01-10 libupnp command buffer overflow attempt
RuleID : 25612 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

id Description
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2013-90.nasl - Type: ACT_GATHER_INFO
2014-03-27 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201403-06.nasl - Type: ACT_GATHER_INFO
2013-04-20 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2013-098.nasl - Type: ACT_GATHER_INFO
2013-02-21 Name: The remote Fedora host is missing a security update.
File: fedora_2013-2352.nasl - Type: ACT_GATHER_INFO
2013-02-21 Name: The remote Fedora host is missing a security update.
File: fedora_2013-2377.nasl - Type: ACT_GATHER_INFO
2013-02-13 Name: The remote Fedora host is missing a security update.
File: fedora_2013-1713.nasl - Type: ACT_GATHER_INFO
2013-02-13 Name: The remote Fedora host is missing a security update.
File: fedora_2013-1734.nasl - Type: ACT_GATHER_INFO
2013-02-13 Name: The remote Fedora host is missing a security update.
File: fedora_2013-1765.nasl - Type: ACT_GATHER_INFO
2013-02-04 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2614.nasl - Type: ACT_GATHER_INFO
2013-02-04 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2615.nasl - Type: ACT_GATHER_INFO
2013-02-01 Name: A network service running on the remote host is affected by multiple remote c...
File: libupnp_1_6_18.nasl - Type: ACT_GATHER_INFO
2013-01-31 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_2ea6ce3d6afd11e29d4ebcaec524bf84.nasl - Type: ACT_GATHER_INFO