thr3ads.net - Secure testing team - [Secure-testing-team] Bug#534594: CVE-2009-2174: denial of service (crash) via an empty (1) subscription or (2) control message [Jun 2009]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Giuseppe Iuculano

2009-Jun-25 16:44 UTC

[Secure-testing-team] Bug#534594: CVE-2009-2174: denial of service (crash) via an empty (1) subscription or (2) control message

Package: gupnp
Severity: important
Tags: security


Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for gupnp.

CVE-2009-2174[0]:
| GUPnP 0.12.7 allows remote attackers to cause a denial of service
| (crash) via an empty (1) subscription or (2) control message.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2174
    http://security-tracker.debian.net/tracker/CVE-2009-2174

Cheers,
Giuseppe.

Secure testing team - Jun 2009 - Bug#534594: CVE-2009-2174: denial of service (crash) via an empty (1) subscription or (2) control message

[Secure-testing-team] Bug#534594: CVE-2009-2174: denial of service (crash) via an empty (1) subscription or (2) control message