3 results (0.007 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. • https://blog.coffinsec.com/0day/2023/05/31/minidlna-heap-overflow-rca.html https://lists.debian.org/debian-lts-announce/2023/06/msg00027.html https://security.gentoo.org/glsa/202311-12 https://sourceforge.net/p/minidlna/git/ci/9bd58553fae5aef3e6dd22f51642d2c851225aec https://sourceforge.net/projects/minidlna https://www.debian.org/security/2023/dsa-5434 • CWE-787: Out-of-bounds Write •

CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. Un problema de reenganche de DNS en ReadyMedia (anteriormente MiniDLNA) versiones anteriores a 1.3.1, permite que un servidor web remoto exfiltre archivos multimedia • http://www.openwall.com/lists/oss-security/2022/03/06/1 https://lists.debian.org/debian-lts-announce/2022/04/msg00005.html https://security.gentoo.org/glsa/202311-12 https://sourceforge.net/p/minidlna/git/ci/c21208508dbc131712281ec5340687e5ae89e940 https://www.openwall.com/lists/oss-security/2022/03/03/1 • CWE-290: Authentication Bypass by Spoofing •

CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 2

ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. ReadyMedia (también se conoce como MiniDLNA) versiones anteriores a 1.3.0, permite una ejecución de código remota. Mediante el envío de una petición HTTP UPnP maliciosa hacia el servicio miniDLNA usando la codificación HTTP fragmentada puede conllevar un bug de firma resultando en un desbordamiento del búfer en unas llamadas hacia memcpy/memmove • https://github.com/lorsanta/exploit-CVE-2020-28926 https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html https://sourceforge.net/projects/minidlna https://www.debian.org/security/2020/dsa-4806 https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •