Denial of Service Vulnerability in PNP_GetDeviceList (UPnP)

Denial of Service Vulnerability in PNP_GetDeviceList (UPnP)

CVE-2005-3644 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.

Learn more about our Web Application Penetration Testing UK.