Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| vitalwerks | no-ip_duc | 2.1.5 |
| vitalwerks | no-ip_duc | * |
| vitalwerks | no-ip_duc | 2.0.3 |
| vitalwerks | no-ip_duc | 2.1 |