Denial of Service Vulnerability in MiniUPnP by MiniUPnPd
CVE-2013-1462

Currently unrated

Key Information:

Vendor: Miniupnp Project
Status: Miniupnpd
Vendor: CVE Published:; 31 January 2013

🔔 Create Miniupnp Project Vulnerability Alert

What is CVE-2013-1462?

A vulnerability exists in the ExecuteSoapAction function of the SOAPAction handler in the HTTP service of MiniUPnP MiniUPnPd 1.0. This flaw enables remote attackers to exploit an integer signedness error, leading to a denial of service condition through an improperly formatted SOAPAction header that omits the required double quote character. This malfunction can result in incorrect memory copy operations, impacting the availability of the service.

References

https://community.rapid7.com/servlet/JiveServlet/download...

x_refsource_MISC

https://community.rapid7.com/servlet/servlet.FileDownload...

x_refsource_MISC

https://community.rapid7.com/community/infosec/blog/2013/...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 31, 2013
Vulnerability Reserved
Jan 29, 2013

CVE-2013-1462 Data

JSON