Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: 200901-12 High: noip-updater Arbitrary Code Execution

gentoo
Calendar Grey January 18, 2009
Dist Gentoo Esm H88
Explore the Gentoo GLSA 201202-15 notice regarding a critical vulnerability in noip-updater that poses potential risks for code execution.
A buffer overflow in noip-updater can lead to arbitrary code execution.

Summary

Gentoo Linux Security Advisory GLSA 200901-12 https://security.gentoo.org/ Severity: High Title: noip-updater: Execution of arbitrary code Date: January 18, 2009 Bugs: #248709 ID: 200901-12

Synopsis ======= A buffer overflow in noip-updater can lead to arbitrary code execution.
Background ========= noip-updater is a tool used for updating IP addresses of dynamic DNS records at no-ip.com.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/noip-updater < 2.1.9 >= 2.1.9
========== xenomuta found out that the GetNextLine() function in noip2.c misses a length check, leading to a stack-based buffer overflow.
Impact ===== A remote attacker...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo buffer overflow arbitrary code execution network attack noip-updater

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo buffer overflow arbitrary code execution network attack noip-updater

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here