CVE-2006-3687

Currently unrated

Key Information:

Vendor: D-link
Status: Wbr-1310 Wireless G Router; Di-604 Broadband Router; Di-784; Ebr-2310 Ethernet Broadband Router
Vendor: CVE Published:; 21 July 2006

Summary

Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.

References

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/archive/1/440298/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/440852/100/100/thr...

mailing-listx_refsource_BUGTRAQ

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 21, 2006
Vulnerability Reserved
Jul 18, 2006