GUPnP Message Handling Denial Of Service Vulnerability Network Vulnerability

Summary

This host has installed GUPnP is prone to Denial Of Service Vulnerability

Impact

Successful exploitation via specially crafted messages will allow attackers to run arbitrary code, crash the application and cause cause denial of service. Impact Level: System/Application

Solution

Upgrade to version 0.12.8 or later. http://www.gupnp.org/sources/

Insight

The flaw is due to an error when processing subscription or control messages with an empty content.

Affected

GUPnP Version 0.12.7 and prior.

References

http://secunia.com/advisories/35482
http://www.osvdb.org/55128
http://www.vupen.com/english/advisories/2009/1597

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2174
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011)
COWON Media Center JetAudio .wav File Denial Of Service Vulnerability
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
Apache APR-Utils Multiple Denial of Service Vulnerabilities
Django Forms Library Algorithmic Complexity Vulnerability

Take action and discover your vulnerabilities