ID
VAR-E-201301-0123
TITLE
Broadcom UPnP Stack 'SetConnectionType()' Function Format String Vulnerability
Trust: 0.3
sources:
BID: 57649
DESCRIPTION
Broadcom UPnP is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to execute arbitrary code with root privileges. Failed exploit attempts will likely result in a denial-of-service condition.
Trust: 0.3
sources:
BID: 57649
AFFECTED PRODUCTS
| vendor: | d link | model: | dsl-2640b | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 57649
EXPLOIT
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Trust: 0.3
sources:
BID: 57649
PRICE
Free
Trust: 0.3
sources:
BID: 57649
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 57649
CREDITS
Leon Juranic and Vedran Kajic
Trust: 0.3
sources:
BID: 57649
EXTERNAL IDS
| db: | BID | id: | 57649 | Trust: 0.3 |
sources:
BID: 57649
SOURCES
| db: | BID | id: | 57649 |
LAST UPDATE DATE
2022-07-27T09:54:28.185000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 57649 | date: | 2015-03-19T09:23:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 57649 | date: | 2013-01-31T00:00:00 |