oss-sec mailing list archives
CVE Request: The minissdpd (v 1.2.20130907-3) is affected by an improper validation of array index weakness
From: Salva Peiró <speirofr () gmail com>
Date: Mon, 7 Mar 2016 13:04:50 +0100
Hi everyone, A vulnerability in the minissdpd daemon has been found that affects minissdpd version 1.2.20130907-3 available in Debian and Ubuntu. The vulnerability can be exploited by a local unprivileged user with write access to /var/run/minissdpd.sock to crash the minissdpd daemon that runs with superuser privileges. More details at: https://speirofr.appspot.com/files/advisory/SPADV-2016-02.md https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=minissdpd;dist=unstable. Is there a CVE for this? If not, could one be assigned, please? Regards, Salva Peiró -- Salva Peiró @ https://speirofr.appspot.com CS Researcher & Software Engineer Universitat Politècnica de València, Spain.
Current thread:
- CVE Request: The minissdpd (v 1.2.20130907-3) is affected by an improper validation of array index weakness Salva Peiró (Mar 07)