no-ip -- buffer overflow

2008-12-14T00:00:00
ID DSA-1686
Type debian
Reporter Debian
Modified 2008-12-14T00:00:00

Description

A buffer overflow has been discovered in the HTTP parser of the No-IP.com Dynamic DNS update client, which may result in the execution of arbitrary code.

For the stable distribution (etch), this problem has been fixed in version 2.1.1-4+etch1.

For the upcoming stable distribution (lenny) and the unstable distribution (sid), this problem has been fixed in version 2.1.7-11.

We recommend that you upgrade your no-ip package.