CVE-2015-6031
published 2015-11-02CVE-2015-6031: Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause…
PriorityP335medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
4.78%
90.8th percentile
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | miniupnpc | < miniupnpc 1.9.20140610-2.1 (bookworm) | miniupnpc 1.9.20140610-2.1 (bookworm) |
| miniupnp_project | miniupnpc | <= 1.9 | — |
| miniupnp_project | miniupnpc | — | — |
| miniupnp_project | miniupnpc | >= 0 < 1.9.20140610-2.1 | 1.9.20140610-2.1 |
| miniupnp_project | miniupnpc | >= 0 < 1.9.20140610-2.1 | 1.9.20140610-2.1 |
| miniupnp_project | miniupnpc | >= 0 < 1.9.20140610-2.1 | 1.9.20140610-2.1 |
| miniupnp_project | miniupnpc | >= 0 < 1.9.20140610-2.1 | 1.9.20140610-2.1 |
| opensuse | leap | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-w2jg-6vfx-xj22: miniupnp before 4c90b87, as used in Bitcoin Core before 0
ghsa_unreviewed·2024-11-18·CVSS 6.8
CVE-2015-20111 [MEDIUM] CWE-120 GHSA-w2jg-6vfx-xj22: miniupnp before 4c90b87, as used in Bitcoin Core before 0
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation.
GHSA
GHSA-m2cw-vw6v-jp5c: Buffer overflow in the IGDstartelt function in igd_desc_parse
ghsa_unreviewed·2022-05-14
CVE-2015-6031 [MEDIUM] CWE-119 GHSA-m2cw-vw6v-jp5c: Buffer overflow in the IGDstartelt function in igd_desc_parse
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
OSV
CVE-2015-6031: Buffer overflow in the IGDstartelt function in igd_desc_parse
osv·2015-11-02·CVSS 6.8
CVE-2015-6031 [MEDIUM] CVE-2015-6031: Buffer overflow in the IGDstartelt function in igd_desc_parse
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
Ubuntu
MiniUPnP vulnerability
vendor_ubuntu·2015-10-23
CVE-2015-6031 MiniUPnP vulnerability
Title: MiniUPnP vulnerability
Summary: An application using the MiniUPnP library could be made to crash or run
programs as your login if it received specially crafted network traffic.
USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu
12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides
the corresponding update for Ubuntu 15.10.
Original advisory details:
Aleksandar Nikolic discovered a buffer overflow vulnerability in the
XML parser functionality of the MiniUPnP library. A remote attacker
could use this to cause a denial of service (application crash) or
possibly execute arbitrary code with privileges of the user running
an application that uses the MiniUPnP library.
Instructions: After a standard system update you need to restart applications using
the
Ubuntu
MiniUPnP vulnerability
vendor_ubuntu·2015-10-20
CVE-2015-6031 MiniUPnP vulnerability
Title: MiniUPnP vulnerability
Summary: An application using the MiniUPnP library could be made to crash or
run programs as your login if it received specially crafted network
traffic.
Aleksandar Nikolic discovered a buffer overflow vulnerability in the
XML parser functionality of the MiniUPnP library. A remote attacker
could use this to cause a denial of service (application crash) or
possibly execute arbitrary code with privileges of the user running
an application that uses the MiniUPnP library.
Instructions: After a standard system update you need to restart applications using
the MiniUPnP library to make all the necessary changes.
Debian
CVE-2015-6031: miniupnpc - Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP ...
vendor_debian·2015·CVSS 6.8
CVE-2015-6031 [MEDIUM] CVE-2015-6031: miniupnpc - Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP ...
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
Scope: local
bookworm: resolved (fixed in 1.9.20140610-2.1)
bullseye: resolved (fixed in 1.9.20140610-2.1)
forky: resolved (fixed in 1.9.20140610-2.1)
sid: resolved (fixed in 1.9.20140610-2.1)
trixie: resolved (fixed in 1.9.20140610-2.1)
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-updates/2015-11/msg00122.htmlhttp://talosintel.com/reports/TALOS-2015-0035/http://www.debian.org/security/2015/dsa-3379http://www.securityfocus.com/bid/77306http://www.ubuntu.com/usn/USN-2780-1http://www.ubuntu.com/usn/USN-2780-2https://github.com/miniupnp/miniupnp/blob/master/miniupnpc/Changelog.txthttps://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78https://security.gentoo.org/glsa/201801-08http://lists.opensuse.org/opensuse-updates/2015-11/msg00122.htmlhttp://talosintel.com/reports/TALOS-2015-0035/http://www.debian.org/security/2015/dsa-3379http://www.securityfocus.com/bid/77306http://www.ubuntu.com/usn/USN-2780-1http://www.ubuntu.com/usn/USN-2780-2https://github.com/miniupnp/miniupnp/blob/master/miniupnpc/Changelog.txthttps://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78https://security.gentoo.org/glsa/201801-08
2015-11-02
Published