60 matches found
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the no-ip package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
No-IP-Dynamic-Update-Client-
This exploit covers a stack-based overflow present in -i parameter, IPaddress variable name in source code. It is probably the most basic parameter, as this is the way to say the client that our IP has changed import os binary = "./noip-2.1.9-1/binaries/noip2-i686" shellcode =...
Microsoft Settles With No-IP Over Malware Takedown
It’s been a weird couple of weeks for Microsoft. On June 30 the company announced its latest malware takedown operation, which included a civil law suit against Vitalwerks, a small Nevada hosting provider, and the seizure of nearly two dozen domains the company owned. Now, 10 days later, Microsof...
All Seized Domains Returned to No-IP
Less than a week after Microsoft seized nearly two dozen domains owned by a small hosting provider as part of a takedown of a malware operation, all of those domains are back in the control of the provider, No-IP. When Microsoft announced the takedown on June 30, officials said that the company h...
Microsoft Says 'Technical Error' Led to Legitimate No-IP Customers Losing Service
In the course of its actions to take down a major malware operation, Microsoft seized more than 20 domains from No-IP.com, a hosting provider in Nevada. Microsoft now admits that the company made a technical mistake as part of that takedown, an errors that resulted in legitimate No-IP.com custome...
Latest Microsoft Malware Takedown Causes Waves in Security Community
Microsoft’s latest takedown of a malware operation, announced Monday and involving the infrastructure of several malware families, has, like many of the company’s actions, elicited strong opinions on both sides of the issue from security researchers, activists and others with a stake in the game...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
No description provided by source. !/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider...
No-IP DUC Client for Windows - Local Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29758/info The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to obtain potentially sensitiv...
No-IP DUC <= 2.1.7 - Remote Code Execution Exploit
No description provided by source. / | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto net http://xenomuta.tuxfamily.org/ - Methylxantina 256mg Permlink: http://xenomuta.tuxfamily.org/exploits/noIPwn3r.c...
Microsoft Seized No-IP Domains, Millions of Dynamic DNS Service Users Suffer Outage
In an effort to crackdown on cyber crimes, Microsoft has taken a legal action against a malware network what it thought is responsible for more than 7.4 million infections of Windows PCs across the globe. Millions of legitimate servers that rely on Dynamic Domain Name Service DDNS from No-IP.com,...
Njw0rm RAT Spreads Via USB Drives, Steals No-IP Credentials
Remote access Trojans, or RATs, are typically stay-at-home creatures. Central to a good many targeted attacks for their ability to steal data from compromised computers, RATs aren’t generally built with the capability to spread to more machines. A variant of njRAT, however, has broken that mold...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
To be easily portable, the client is written in C, with minimal dependencies. So far so good, but the problem is, it is plagued of buffer overflows. import os binary = "./noip-2.1.9-1/binaries/noip2-i686" shellcode = "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
No-IP Dynamic Update Client DUC 2.1.9 - Local IP Address Stack Overflow !/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...
No-IP Dynamic Update Client 2.1.9 Stack Overflow
!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...
DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable
DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable DarkComet-RAT v4.0 Change log - DarkComet-RAT is now compiled on Delphi XE instead of Delphi 2010. - Synthax highlighter added in remote keylogger. - Multithreading is now more efficient, no more freezing, using a new powerfull and stable...
No-IP Windows Dynamic Update Client Detection
The No-IP Windows dynamic update client is installed on the remote Windows host. This software is intended to map a dynamic IP address, such as those found on a residential broadband or dialup connection, to a static host name, such as www.example.com. It can also be abused to host unsanctioned...
Debian Security Advisory DSA 1686-1 (no-ip)
The remote host is missing an update to no-ip announced via advisory DSA 1686-1. OpenVAS Vulnerability Test $Id: deb16861.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1686-1 no-ip Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1686-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
No-IP DUC Remote code execution vulnerability
This host has No-IP DUC installed and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbnoipdnsbofvuln.nasl 5158 2017-02-01 14:53:04Z mime $ No-IP DUC Remote code execution vulnerability Authors: Chandan S Copyright: Copyright c 2008 Greenbone Networks GmbH,...