CVE-2020-28926

Name
CVE-2020-28926
Description
ReadyMedia (aka MiniDLNA) before version 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.
NVD Severity
high

References

| Type | URI |
|---|---|
| Third Party Advisory | https://sourceforge.net/projects/minidlna/ |
| Exploit | https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/ |
| DEBIAN | https://www.debian.org/security/2020/dsa-4806 |
| MLIST | https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| cpe:2.3:a:readymedia_project:readymedia:*:*:*:*:*:*:*:* | readymedia | >= None | < 1.3.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| minidlna | 3.13-community | 1.2.1-r2 | Francesco Colista <francesco.colista@gmail.com> | fixed |