CVE-2008-5297

NameCVE-2008-5297
DescriptionBuffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1686-1
NVD severityhigh (attack range: remote)
Debian Bugs506179

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
no-ipsource(unstable)2.1.7-11high506179
no-ipsourceetch2.1.1-4+etch1highDSA-1686-1

Search for package or bug name: Reporting problems