*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Jamie Strandboge (jdstrand):
Binary package hint: noip2 > No-IP Dynamic Update Client (DUC) is prone to a stack-based buffer-overflow > vulnerability because it fails to adequately > bounds-check input messages. > An attacker can exploit this issue by enticing an unsuspecting user into > connecting to a malicious server. Successful attacks will > allow arbitrary code to run within the context of the affected application. > Failed exploit attempts will result in a denial-of-service > condition. > DUC 2.1.7 for Linux is vulnerable; other versions may also be affected. Source: http://www.securityfocus.com/bid/32344 No-ip.com published version 2.1.8 at http://www.no-ip.com/client/linux /noip-duc-linux.tar.gz Thanks! ** Affects: no-ip (Ubuntu) Importance: Undecided Status: New -- Remote buffer overflow vulnerability in noip2 2.1.7 https://bugs.launchpad.net/bugs/300609 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
