1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • GUPnP vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, September 15, 2020 08:10:01
    gupnp vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS

    Summary

    gupnp could be made to expose sensitive information or perform
    network attacks if it received specially crafted network traffic.

    Software Description

    * gupnp - framework for creating UPnP devices and control points

    Details

    It was discovered that GUPnP incorrectly handled certain
    subscription requests. A remote attacker could possibly use this
    issue to exfiltrate data or use GUPnP to perform DDoS attacks.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libgupnp-1.2-0 - 1.2.3-0ubuntu0.20.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * CVE-2020-12695

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)