Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Arch Linux ASA-201510-11 Critical: miniupnpc Remote Execution

Archlinux Large Esm H446
The package miniupnpc before version 1.9.20151008-1 is vulnerable to arbitrary code execution.
Arch Linux Security Advisory ASA-201510-11
=========================================
Severity: Critical
Date    : 2015-10-18
CVE-ID  : CVE-2015-6031
Package : miniupnpc
Type    : arbitrary code execution
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
======
The package miniupnpc before version 1.9.20151008-1 is vulnerable to
arbitrary code execution.

Resolution
=========
Upgrade to 1.9.20151008-1.

# pacman -Syu "miniupnpc>=1.9.20151008-1"

The problem has been fixed upstream but no release is available.

Workaround
=========
None.

Description
==========
An exploitable buffer overflow vulnerability exists in the XML parser
functionality of the MiniUPnP library. A specially crafted XML response
can lead to a buffer overflow on the stack resulting in remote code
execution. An attacker can set up a server on the local network to
trigger this vulnerability.

Impact
=====
A remote attacker is able to create a specially crafted XML response on
a server set up on the local network to execute arbitrary code on the
client.

References
=========
https://talosintelligence.com/vulnerability_reports/TALOS-2015-0035/
https://www.cve.org/CVERecord?id=CVE-2015-6031
https://bugs.archlinux.org/task/46612