-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've pushed a fix[1] for this vulnerability, based on analysis of the exploit and the no-ip client code, and some limited local experiments.
Note that I couldn't get a working reverse shell - I suspect the exploit itself is buggy, but I have no time to debug it... Thanks, Avi. [1]http://git.debian.org/?p=collab-maint/no-ip.git;a=commit;h=60ed93621ff36d9731ba5d9f9336d6eb91122302 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkkYN8ACgkQwK8SobAxNVkBvgCfUlSZ6kxGrAGZYb7kfls7GzMG ZGMAoN04Qv0rHxuEtjopoK3bnx6+zFhx =RugG -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]