|
UPNP NOTIFY overflow |
|
|
|
| FAQ | |||
|
|
SummaryAn attacker can send a specially formatted version of the UPnP NOTIFY directive, causing a buffer overflow. This can potentially be exploited to gain control over a target system. Default installations of Windows XP systems are especially vulnerable.
Details
The Universal Plug and Play service, included with Windows XP and Windows ME, and optionally with Windows 98, can be exploited in this manner. A default installation of the original Windows XP release is particularly vulnerable. If you have any of these operating systems, you should visit the Microsoft Web site and upgrade your system with the necessary security fixes.
| more information |
|
Version appeared: 3.1