[Bug 300609] [NEW] Remote buffer overflow vulnerability in noip2 2.1.7
Launchpad Bug Tracker
300609 at bugs.launchpad.net
Wed Nov 26 17:42:24 UTC 2008
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge (jdstrand):
Binary package hint: noip2
> No-IP Dynamic Update Client (DUC) is prone to a stack-based buffer-overflow vulnerability because it fails to adequately
> bounds-check input messages.
> An attacker can exploit this issue by enticing an unsuspecting user into connecting to a malicious server. Successful attacks will
> allow arbitrary code to run within the context of the affected application. Failed exploit attempts will result in a denial-of-service
> condition.
> DUC 2.1.7 for Linux is vulnerable; other versions may also be affected.
Source: http://www.securityfocus.com/bid/32344
No-ip.com published version 2.1.8 at http://www.no-ip.com/client/linux
/noip-duc-linux.tar.gz
Thanks!
** Affects: no-ip (Ubuntu)
Importance: Undecided
Status: New
--
Remote buffer overflow vulnerability in noip2 2.1.7
https://bugs.launchpad.net/bugs/300609
You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list