Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 7 Mar 2016 13:04:50 +0100
From: Salva Peiró <>
Subject: CVE Request: The minissdpd (v 1.2.20130907-3) is affected by an
 improper validation of array index weakness

Hi everyone,

A vulnerability in the minissdpd daemon has been found that affects
minissdpd version 1.2.20130907-3 available in Debian and Ubuntu.
The vulnerability can be exploited by a local unprivileged user
with write access to /var/run/minissdpd.sock to crash the minissdpd
daemon that runs with superuser privileges.

More details at:;dist=unstable.

Is there a CVE for this? If not, could one be assigned, please?

Salva Peiró

Salva Peiró @
CS Researcher & Software Engineer
Universitat Politècnica de València, Spain.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ