CVE-2013-2600
https://notcve.org/view.php?id=CVE-2013-2600
MiniUPnPd has information disclosure use of snprintf() MiniUPnPd, presenta una divulgación de información en el uso de la función snprintf(). • http://archives.neohapsis.com/archives/bugtraq/2013-07/0085.html http://archives.neohapsis.com/archives/bugtraq/2013-07/0086.html https://exchange.xforce.ibmcloud.com/vulnerabilities/85774 https://seclists.org/bugtraq/2013/Jul/84 https://security-tracker.debian.org/tracker/CVE-2013-2600 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-12111
https://notcve.org/view.php?id=CVE-2019-12111
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. Existe una vulnerabilidad de Denegación de Servicio en MiniUPnP MiniUPnPd hasta la versión 2.1, debido a una desreferencia de puntero NULL en copyIPv6IfDifferent en pcpserver.c. • https://github.com/miniupnp/miniupnp/commit/cb8a02af7a5677cf608e86d57ab04241cf34e24f https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVE-2019-12109
https://notcve.org/view.php?id=CVE-2019-12109
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. Existe una vulnerabilidad de Denegación de Servicio en MiniUPnP MiniUPnPd hasta la versión 2.1, debido a una diferencia de puntero NULL en GetOutboundPinholeTimeout en upnpsoap.c para rem_port. • https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVE-2019-12108
https://notcve.org/view.php?id=CVE-2019-12108
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. Existe una vulnerabilidad de Denegación de Servicio en MiniUPnP MiniUPnPd hasta la versión 2.1, debido a una diferencia de puntero NULL en GetOutboundPinholeTimeout en upnpsoap.c para int_port. • https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVE-2019-12106
https://notcve.org/view.php?id=CVE-2019-12106
The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. La función updateDevice en minissdpd.c en MiniUPnP MiniSSDPd versión 1.4 y versión 1.5, permite que un atacante remoto bloquee el proceso debido a una vulnerabilidad de acceso a memoria previamente liberada (User-After-Free). • https://github.com/miniupnp/miniupnp/commit/cd506a67e174a45c6a202eff182a712955ed6d6f https://lists.debian.org/debian-lts-announce/2019/05/msg00037.html https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-416: Use After Free •