D-Link Routers UPnP M-SEARCH Request Buffer Overflow

    Date17 Jul 2006
    Posted ByBrittany Day
    eEye Digital Security has reported a vulnerability in various D-Link routers, which can be exploited by malicious people to compromise a vulnerable network device.

    The vulnerability is caused due to a boundary error in the UPnP service when processing "M-SEARCH" requests. This can be exploited to cause a stack-based buffer overflow by sending an "M-SEARCH" request with an overly long string (about 800 bytes) to port 1900/UDP.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.