Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
MiniUPnPd Information Disclosure (CVE-2013-2600)
Jul 12 2013 06:16PM
cyoung tripwire com
I am writing to inform you of an information disclosure vulnerability I noticed in MiniUPnPd a few months back. Specifically, MiniUPnPd versions 1.8 and earlier are prone to an information disclosure vulnerability due to improper use of snprintf() while preparing SSDP responses. An attacke...
[ more ]
Copyright 2010, SecurityFocus