Mandriva Linux Security Advisory : libupnp (MDVSA-2013:098)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Updated libupnp packages fix security vulnerabilities :

The Portable SDK for UPnP Devices libupnp library contains multiple
buffer overflow vulnerabilities. Devices that use libupnp may also
accept UPnP queries over the WAN interface, therefore exposing the
vulnerabilities to the internet (CVE-2012-5958, CVE-2012-5959,
CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963,
CVE-2012-5964, CVE-2012-5965).

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 66110 ()

Bugtraq ID: 57602

CVE ID: CVE-2012-5958
CVE-2012-5959
CVE-2012-5960
CVE-2012-5961
CVE-2012-5962
CVE-2012-5963
CVE-2012-5964
CVE-2012-5965

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now