CVE-2017-8798 – MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service

https://notcve.org/view.php?id=CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. Error de entero sin signo en MiniUPnP MiniUPnPc versiónes desde la 1.4.20101221 hasta la 2.0 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado. miniupnpc suffers from an integer signedness error when parsing a chunked encoded http response. • https://www.exploit-db.com/exploits/43501 http://miniupnp.free.fr/files/changelog.php?file=miniupnpc-2.0.20170509.tar.gz https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 https://lists.debian.org/debian-lts-announce/2020/04/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •