Details of VAR-201301-0513

ID

VAR-201301-0513

TITLE

Broadcom UPnP Stack ‘ SetConnectionType() 'Function Format String Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201301-623

DESCRIPTION

Broadcom UPnP is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code with root privileges. Failed exploit attempts will likely result in a denial-of-service condition.

Trust: 0.3

sources: BID: 57649

AFFECTED PRODUCTS

vendor:

d link

model:

dsl-2640b

scope:

version:

Trust: 0.3

sources: BID: 57649

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201301-623

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-201301-623

EXTERNAL IDS

db:	BID	id:	57649	Trust: 0.9
db:	CNNVD	id:	CNNVD-201301-623	Trust: 0.6

sources: BID: 57649 // CNNVD: CNNVD-201301-623

REFERENCES

url:

http://www.securityfocus.com/bid/57649

Trust: 0.6

sources: CNNVD: CNNVD-201301-623

CREDITS

Leon Juranic and Vedran Kajic

Trust: 0.9

sources: BID: 57649 // CNNVD: CNNVD-201301-623

SOURCES

db:	BID	id:	57649
db:	CNNVD	id:	CNNVD-201301-623

LAST UPDATE DATE

2022-05-17T02:08:13.802000+00:00

SOURCES UPDATE DATE

db:	BID	id:	57649	date:	2015-03-19T09:23:00
db:	CNNVD	id:	CNNVD-201301-623	date:	2013-02-04T00:00:00

SOURCES RELEASE DATE

db:	BID	id:	57649	date:	2013-01-31T00:00:00
db:	CNNVD	id:	CNNVD-201301-623	date:	2013-01-31T00:00:00