FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2ea6ce3d-6afd-11e2-9d4e-bcaec524bf84upnp -- multiple vulnerabilities

Project changelog reports:

This patch addresses three possible buffer overflows in function unique_service_name().The three issues have the folowing CVE numbers:

  • CVE-2012-5958 Issue #2: Stack buffer overflow of Tempbuf
  • CVE-2012-5959 Issue #4: Stack buffer overflow of Event->UDN
  • CVE-2012-5960 Issue #8: Stack buffer overflow of Event->UDN

Notice that the following issues have already been dealt by previous work:

  • CVE-2012-5961 Issue #1: Stack buffer overflow of Evt->UDN
  • CVE-2012-5962 Issue #3: Stack buffer overflow of Evt->DeviceType
  • CVE-2012-5963 Issue #5: Stack buffer overflow of Event->UDN
  • CVE-2012-5964 Issue #6: Stack buffer overflow of Event->DeviceType
  • CVE-2012-5965 Issue #7: Stack buffer overflow of Event->DeviceType

Discovery 2012-11-21
Entry 2013-01-30
upnp
< 1.6.18

CVE-2012-5958
CVE-2012-5959
CVE-2012-5960
CVE-2012-5961
CVE-2012-5962
CVE-2012-5963
CVE-2012-5964
CVE-2012-5965
a23871f6-059b-11eb-8758-e0d55e2a8bf9upnp -- denial of service (crash)

CVE mitre reports:

Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.


Discovery 2020-06-04
Entry 2020-10-03
upnp
< 1.12.1_1,1

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13848
https://nvd.nist.gov/vuln/detail/CVE-2020-13848
https://github.com/pupnp/pupnp/issues/177
https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0
CVE-2020-13848
244c8288-cc4a-11e6-a475-bcaec524bf84upnp -- multiple vulnerabilities

Matthew Garett reports:

Reported this to upstream 8 months ago without response, so: libupnp's default behaviour allows anyone to write to your filesystem. Seriously. Find a device running a libupnp based server (Shodan says there's rather a lot), and POST a file to /testfile. Then GET /testfile ... and yeah if the server is running as root (it is) and is using / as the web root (probably not, but maybe) this gives full host fs access.

Scott Tenaglia reports:

There is a heap buffer overflow vulnerability in the create_url_list function in upnp/src/gena/gena_device.c.


Discovery 2016-02-23
Entry 2016-12-27
upnp
< 1.6.21

https://twitter.com/mjg59/status/755062278513319936
https://sourceforge.net/p/pupnp/bugs/133/
CVE-2016-6255
CVE-2016-8863
79fa9f23-9725-11eb-b530-7085c2fb2c14upnp -- stack overflow vulnerability

Mitre reports:

A stack overflow in pupnp 1.16.1 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume stack space and lead to a crash.


Discovery 2021-03-12
Entry 2021-04-06
upnp
< 1.14.5,1

CVE-2021-28302
https://github.com/pupnp/pupnp/issues/249