5 matches found
EUVD-2008-2740
Malware in sbrugna...
CVE-2024-40457
No-IP Dynamic Update Client DUC v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior...
No-IP-Dynamic-Update-Client-
This exploit covers a stack-based overflow present in -i parameter, IPaddress variable name in source code. It is probably the most basic parameter, as this is the way to say the client that our IP has changed import os binary = "./noip-2.1.9-1/binaries/noip2-i686" shellcode =...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
To be easily portable, the client is written in C, with minimal dependencies. So far so good, but the problem is, it is plagued of buffer overflows. import os binary = "./noip-2.1.9-1/binaries/noip2-i686" shellcode = "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"...
CVE-2008-2747
No-IP Dynamic Update Client DUC 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the 1 TrayPassword, 2 Username, 3 Password, and 4 Hosts registry values...