ArchLinux: 201510-11: miniupnpc: arbitrary code execution
Summary
An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this vulnerability.
Resolution
Upgrade to 1.9.20151008-1.
# pacman -Syu "miniupnpc>=1.9.20151008-1"
The problem has been fixed upstream but no release is available.
References
https://talosintelligence.com/vulnerability_reports/TALOS-2015-0035/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6031 https://bugs.archlinux.org/task/46612
Workaround
None.