UPnP Internet Gateway Device (IGD) Protocol Detection

This script is Copyright (C) 2009-2011 Tenable Network Security, Inc.


Synopsis :

The remote device supports the IGD protocol.

Description :

According to UPnP data, the remote device is a NAT router which supports
the Internet Gateway Device (IGD) Standardized Device Control Protocol.

IGD is dangerous as it allows a remote attacker to punch holes in your
firewall, for example through a malicious Flash animation.

See also :

http://www.gnucitizen.org/blog/flash-upnp-attack-faq/
http://en.wikipedia.org/wiki/Internet_Gateway_Device_Protocol

Solution :

Filter incoming traffic to this port or disable this service

Risk factor :

Medium / CVSS Base Score : 4.8
(CVSS2#AV:A/AC:L/Au:N/C:N/I:P/A:P)

Family: Misc.

Nessus Plugin ID: 35709 ()

Bugtraq ID:

CVE ID: