#VU10428 Memory corruption in MiniUPnP - CVE-2017-1000494

Cybersecurity Help s.r.o.

Published: 2018-02-08

Vulnerability identifier: #VU10428

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-1000494

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
MiniUPnP
Client/Desktop applications / Other client software

Vendor: miniupnpd

Description
The vulnerability allows a remote attacker to cause DoS condition no the target system.

The weakness exists due to uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c). A remote attacker can trigger segmentation fault and memory corruption to cause the service to crash.

Mitigation
Update to version 2.0.

Vulnerable software versions

MiniUPnP: 1.2 - 1.9

External links
https://github.com/miniupnp/miniupnp/issues/268
https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for MiniUPnP