Hi list,
I am writing to inform you of an information disclosure vulnerability I noticed
in MiniUPnPd a few months back. Specifically, MiniUPnPd versions 1.8 and
earlier are prone to an information disclosure vulnerability due to improper
use of snprintf() while preparing SSDP responses. An
On Fri, Jul 12, 2013 at 2:16 PM, cyo...@tripwire.com wrote:
...
This issue was addressed on April 26, 2013 as noted in the changelog:
http://miniupnp.free.fr/files/changelog.php?file=miniupnpd-1.8.20130607.tar.gz
2013/04/26:
Correctly handle truncated snprintf() in SSDP code
The