SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is enabled. This is caused by an off-by-one error in ssdp_recv in ssdpd.c.
References
Link | Resource |
---|---|
https://github.com/troglobit/ssdp-responder/commit/ce04b1f29a137198182f60bbb628d5ceb8171765 | Patch Third Party Advisory |
https://github.com/troglobit/ssdp-responder/issues/1 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2019-07-28 13:15
Updated : 2024-02-28 17:08
NVD link : CVE-2019-14323
Mitre link : CVE-2019-14323
CVE.ORG link : CVE-2019-14323
JSON object : View
Products Affected
simple_service_discovery_protocol_responder_project
- simple_service_discovery_protocol_responder