Details of VAR-E-201201-0033

ID

VAR-E-201201-0033

CVE

cve_id:	CVE-2013-0229	Trust: 3.0
cve_id:	CVE-2013-0230	Trust: 1.8
cve_id:	CVE-2012-5958	Trust: 0.8
cve_id:	CVE-2012-5964	Trust: 0.3
cve_id:	CVE-2012-5960	Trust: 0.3
cve_id:	CVE-2012-5959	Trust: 0.3
cve_id:	CVE-2012-5962	Trust: 0.3
cve_id:	CVE-2012-5963	Trust: 0.3
cve_id:	CVE-2012-5961	Trust: 0.3
cve_id:	CVE-2012-5965	Trust: 0.3

sources: BID: 57607 // BID: 57608 // BID: 57602 // PACKETSTORM: 160242 // PACKETSTORM: 131651 // PACKETSTORM: 132599 // PACKETSTORM: 121873 // EXPLOIT-DB: 38249 // EDBNET: 23462 // EDBNET: 59368

EDB ID

38249

TITLE

MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities - Multiple dos Exploit

Trust: 0.6

sources: EXPLOIT-DB: 38249

DESCRIPTION

MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities. CVE-2013-0229 . dos exploit for Multiple platform

Trust: 0.6

sources: EXPLOIT-DB: 38249

AFFECTED PRODUCTS

vendor:	miniupnp	model:	-	scope:	eq	version:	1.4	Trust: 1.0
vendor:	miniupnp	model:	project miniupnp	scope:	eq	version:	1.0	Trust: 0.6
vendor:	miniupnp	model:	project miniupnp	scope:	ne	version:	1.4	Trust: 0.6
vendor:	infomark	model:	imw-c920w miniupnpd	scope:	eq	version:	1.0	Trust: 0.6
vendor:	libupnp	model:	-	scope:	eq	version:	1.6.18	Trust: 0.5
vendor:	miniupnpd	model:	-	scope:	eq	version:	1.0	Trust: 0.5
vendor:	miniupnpd	model:	remote	scope:	eq	version:	1.0	Trust: 0.5
vendor:	miniupnpd	model:	stack buffer overflow	scope:	eq	version:	1.0	Trust: 0.5
vendor:	miniupnp	model:	project miniupnp	scope:	eq	version:	1.3	Trust: 0.3
vendor:	d link	model:	dir-836l	scope:	eq	version:	1.03	Trust: 0.3
vendor:	d link	model:	dir-826l 1.04b05	scope:	-	version:	-	Trust: 0.3
vendor:	d link	model:	dir-636l	scope:	eq	version:	1.03	Trust: 0.3
vendor:	d link	model:	dir-626l	scope:	eq	version:	1.03	Trust: 0.3
vendor:	miniupnp	model:	project miniupnp	scope:	ne	version:	1.3	Trust: 0.3
vendor:	miniupnp	model:	project miniupnp	scope:	ne	version:	1.1	Trust: 0.3
vendor:	d link	model:	dir-836l 1.04b09	scope:	ne	version:	-	Trust: 0.3
vendor:	d link	model:	dir-826l 1.05b06	scope:	ne	version:	-	Trust: 0.3
vendor:	d link	model:	dir-636l 1.05b07	scope:	ne	version:	-	Trust: 0.3
vendor:	d link	model:	dir-626l 1.04b04	scope:	ne	version:	-	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3

EXPLOIT

source: https://www.securityfocus.com/bid/57602/info

MiniUPnP is prone to multiple denial-of-service vulnerabilities.

Attackers can exploit these issues to cause denial-of-service conditions.

MiniUPnP versions prior to 1.4 are vulnerable.

M-SEARCH * HTTP/1.1
Host:239.255.255.250:1900
ST:uuid:schemas:device:MX:3< no CRLF >

Trust: 1.0

sources: EXPLOIT-DB: 38249

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 38249

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 38249

TYPE

overflow

Trust: 1.0

sources: PACKETSTORM: 160242 // PACKETSTORM: 121873

CREDITS

Rapid7

Trust: 0.6

sources: EXPLOIT-DB: 38249

EXTERNAL IDS

db:	NVD	id:	CVE-2013-0229	Trust: 3.0
db:	NVD	id:	CVE-2013-0230	Trust: 2.4
db:	BID	id:	57602	Trust: 1.9
db:	EXPLOIT-DB	id:	38249	Trust: 1.6
db:	NVD	id:	CVE-2012-5958	Trust: 0.8
db:	0DAYTODAY	id:	23837	Trust: 0.6
db:	EDBNET	id:	23462	Trust: 0.6
db:	EDBNET	id:	59368	Trust: 0.6
db:	PACKETSTORM	id:	160242	Trust: 0.5
db:	PACKETSTORM	id:	131651	Trust: 0.5
db:	PACKETSTORM	id:	132599	Trust: 0.5
db:	PACKETSTORM	id:	121873	Trust: 0.5
db:	CERT/CC	id:	VU#922681	Trust: 0.3
db:	BID	id:	57607	Trust: 0.3
db:	BID	id:	57608	Trust: 0.3
db:	NVD	id:	CVE-2012-5964	Trust: 0.3
db:	NVD	id:	CVE-2012-5960	Trust: 0.3
db:	NVD	id:	CVE-2012-5959	Trust: 0.3
db:	NVD	id:	CVE-2012-5962	Trust: 0.3
db:	NVD	id:	CVE-2012-5963	Trust: 0.3
db:	NVD	id:	CVE-2012-5961	Trust: 0.3
db:	NVD	id:	CVE-2012-5965	Trust: 0.3

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2013-0229	Trust: 2.7
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0230	Trust: 1.5
url:	https://www.securityfocus.com/bid/57602/info	Trust: 1.0
url:	https://0day.today/exploits/23837	Trust: 0.6
url:	https://www.exploit-db.com/exploits/38249/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2012-5958	Trust: 0.5
url:	https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/922681	Trust: 0.3
url:	http://miniupnp.free.fr/	Trust: 0.3
url:	https://community.rapid7.com/servlet/jiveservlet/download/2150-1-16596/securityflawsupnp.pdf	Trust: 0.3

sources: BID: 57607 // PACKETSTORM: 160242 // PACKETSTORM: 131651 // PACKETSTORM: 132599 // PACKETSTORM: 121873 // EXPLOIT-DB: 38249 // EDBNET: 23462 // EDBNET: 59368

SOURCES

db:	BID	id:	57607
db:	BID	id:	57608
db:	BID	id:	57602
db:	PACKETSTORM	id:	160242
db:	PACKETSTORM	id:	131651
db:	PACKETSTORM	id:	132599
db:	PACKETSTORM	id:	121873
db:	EXPLOIT-DB	id:	38249
db:	EDBNET	id:	23462
db:	EDBNET	id:	59368

LAST UPDATE DATE

2022-07-27T09:12:09.108000+00:00

SOURCES UPDATE DATE

db:	BID	id:	57607	date:	2013-01-28T00:00:00
db:	BID	id:	57608	date:	2015-05-12T19:46:00
db:	BID	id:	57602	date:	2015-04-13T21:38:00

SOURCES RELEASE DATE

db:	BID	id:	57607	date:	2013-01-28T00:00:00
db:	BID	id:	57608	date:	2013-01-28T00:00:00
db:	BID	id:	57602	date:	2013-01-29T00:00:00
db:	PACKETSTORM	id:	160242	date:	2020-11-26T19:02:22
db:	PACKETSTORM	id:	131651	date:	2015-04-27T15:55:55
db:	PACKETSTORM	id:	132599	date:	2015-07-08T00:53:09
db:	PACKETSTORM	id:	121873	date:	2013-06-05T00:50:31
db:	EXPLOIT-DB	id:	38249	date:	2012-01-28T00:00:00
db:	EDBNET	id:	23462	date:	2015-07-08T00:00:00
db:	EDBNET	id:	59368	date:	2012-01-28T00:00:00

tag:	exploit	Trust: 2.0
tag:	overflow	Trust: 1.5
tag:	denial of service	Trust: 1.0
tag:	remote	Trust: 1.0
tag:	shell	Trust: 0.5
tag:	code execution	Trust: 0.5
tag:	web	Trust: 0.5

ID

CVE

EDB ID

TITLE

DESCRIPTION

AFFECTED PRODUCTS

EXPLOIT

EXPLOIT LANGUAGE

PRICE

TYPE

TAGS

CREDITS

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

SOURCES UPDATE DATE

SOURCES RELEASE DATE