Lucene search
K

60 matches found

OpenVAS
OpenVAS
added 2008/12/18 12:0 a.m.23 views

No-IP DUC RCE Vulnerability

No-IP DUC is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.6CVSS7.2AI score0.18462EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/12/15 12:0 a.m.16 views

Debian DSA-1686-1 : no-ip - buffer overflow

A buffer overflow has been discovered in the HTTP parser of the No-IP.com Dynamic DNS update client, which may result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

7.6CVSS5.9AI score0.18462EPSS
Exploits1References3
Debian
Debian
added 2008/12/14 8:23 p.m.18 views

[SECURITY] [DSA 1686-1] New no-ip packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1686-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 14, 2008 http://www.debian.org/security/faq -...

7.6CVSS6.8AI score0.18462EPSS
Exploits1
OSV
OSV
added 2008/12/14 12:0 a.m.11 views

DSA-1686-1 no-ip - arbitrary code execution

Bulletin has no description...

7.6CVSS6.7AI score0.18462EPSS
Exploits1
NVD
NVD
added 2008/12/01 3:30 p.m.21 views

CVE-2008-5297

Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function...

7.6CVSS7.6AI score0.18462EPSS
Exploits1References13
UbuntuCve
UbuntuCve
added 2008/12/01 3:30 p.m.23 views

CVE-2008-5297

Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function...

7.6CVSS6.2AI score0.18462EPSS
Exploits1References1
Prion
Prion
added 2008/12/01 3:30 p.m.11 views

Buffer overflow

Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function...

7.6CVSS7.9AI score0.18462EPSS
Exploits1References13Affected Software1
Cvelist
Cvelist
added 2008/12/01 3:0 p.m.24 views

CVE-2008-5297

Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function...

7.5AI score0.18462EPSS
Exploits1References13
CVE
CVE
added 2008/12/01 3:0 p.m.74 views

CVE-2008-5297

The CVE-2008-5297 issue affects the No-IP DUC/no-ip-updater, where the GetNextLine() function in noip2.c lacks a length check, causing a stack-based buffer overflow. This allows a remote attacker to execute arbitrary code by sending a crafted HTTP response to DNS update traffic. Exploitation is c...

7.6CVSS7.5AI score0.18462EPSS
Exploits1References13Affected Software1
seebug.org
seebug.org
added 2008/11/21 12:0 a.m.22 views

No-IP Dynamic Update Client远程栈溢出漏洞

BUGTRAQ ID: 32344 No-IP Dynamic Update Client是用于保持IP地址与特定DNS主机名同步的工具。 No-IP Dynamic Update Client没有正确地处理从dynupdate.no-ip.com接收到的HTTP响应,如果攻击者通过中间人或DNS欺骗攻击伪造了DNS服务器的话,则客户端用户在连接到该服务器执行升级的时候就可能触发栈溢出,导致执行任意指令。 No-IP Dynamic Update Client 2.1.7 No-IP ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/11/19 12:0 a.m.23 views

No-IP DUC <= 2.1.7 Remote Code Execution Exploit

No description provided by source. / | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto net http://xenomuta.tuxfamily.org/ - Methylxantina 256mg Permlink: http://xenomuta.tuxfamily.org/exploits/noIPwn3r.c...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/11/18 12:0 a.m.269 views

No-IP DUC <= 2.1.7 Remote Code Execution Exploit

Exploit for linux platform in category remote exploits ================================================ No-IP DUC include include include include include include include define HTTPOK "HTTP/1.1 200 OK\r\n\r\n" define NOIPPORT 8245 define uchar unsigned char / Offsets del shellcode x version ubica...

7.1AI score
Exploits0
Prion
Prion
added 2008/06/18 7:41 p.m.15 views

Default credentials

No-IP Dynamic Update Client DUC 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the 1 TrayPassword, 2 Username, 3 Password, and 4 Hosts registry values...

2.1CVSS6.4AI score0.00309EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2008/06/18 7:41 p.m.19 views

CVE-2008-2747

No-IP Dynamic Update Client DUC 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the 1 TrayPassword, 2 Username, 3 Password, and 4 Hosts registry values...

2.1CVSS5.9AI score0.00309EPSS
Exploits0References5
CVE
CVE
added 2008/06/18 7:0 p.m.37 views

CVE-2008-2747

No-IP Dynamic Update Client (DUC) 2.2.1 on Windows stores sensitive data in the HKLM\SOFTWARE\Vitalwerks\DUC registry key with weak permissions, allowing local users to read (TrayPassword, Username, Password, Hosts) and obtain obfuscated passwords and other sensitive information. This CVE is docu...

2.1CVSS5.9AI score0.00309EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/06/18 7:0 p.m.23 views

CVE-2008-2747

No-IP Dynamic Update Client DUC 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the 1 TrayPassword, 2 Username, 3 Password, and 4 Hosts registry values...

5.9AI score0.00309EPSS
Exploits0References5
exploitpack
exploitpack
added 2008/06/16 12:0 a.m.21 views

No-IP DUC Client for Windows - Local Information Disclosure

No-IP DUC Client for Windows - Local Information Disclosure source: https://www.securityfocus.com/bid/29758/info The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2008/06/16 12:0 a.m.51 views

DUC NO-IP Local Password Information Disclosure Vulnerability

/ DUC NO-IP Local Password Information Disclosure Authors: Charalambous Glafkos George Nicolaou Date: March 11, 2008 Site: http://www.astalavista.com Mail: [email protected] [email protected] Synopsis: DUC NO-IP is prone to an information disclosure vulnerability due to a design error...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/16 12:0 a.m.20 views

No-IP DUC Client for Windows - Local Information Disclosure

source: https://www.securityfocus.com/bid/29758/info The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in...

7.4AI score
Exploits0
CVE
CVE
added 2001/09/12 4:0 a.m.53 views

CVE-1999-1216

Cisco routers (9.17 and earlier) are affected by CVE-1999-1216 via improper handling of IP source routed packets. The underlying issue allows remote attackers to bypass security restrictions by sending source-routed traffic that should be denied with the no ip source-route command. This is a netw...

7.5CVSS7.7AI score0.02081EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder