ET DOS Miniupnpd SoapAction MethodName Buffer Overflow (CVE-2013-0230)

SID: 2016364Rev: 20 viewsHistory

Sourceet/open

CreatedFebruary 7, 2013

UpdatedJune 14, 2022

Classificationattempted-dos

alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DOS Miniupnpd SoapAction MethodName Buffer Overflow (CVE-2013-0230)"; flow:to_server,established; content:"POST "; depth:5; content:"|0d 0a|SOAPAction|3a|"; nocase; distance:0; pcre:"/^[^\r\n]+#[^\x22\r\n]{2049}/R"; reference:url,community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play; reference:url,upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf; reference:cve,CVE-2013-0230; classtype:attempted-dos; sid:2016364; rev:2; metadata:created_at 2013_02_07, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_06_14;)

References

url	community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play
url	upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf
cve	CVE-2013-0230

Metadata

created at2013_02_07

confidenceHigh

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2022_06_14

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!