All errata/sisyphus/ALT-PU-2016-2493-1
ALT-PU-2016-2493-1

Package update libupnp in branch sisyphus

Version1.6.21-alt1
Task#175476
Published2016-12-26
Max severityCRITICAL
Severity:

Closed issues (2)

CVE-2016-6255
HIGH7.5

Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler.

Published: 2017-03-07Modified: 2025-04-20
CVSS 2.0MEDIUM 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References
CVE-2016-8863
CRITICAL9.8

Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.

Published: 2017-03-07Modified: 2025-04-20
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References