Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnerabilities
BID:12858
Info
Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 12858 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-0830 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 21 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Toby Dickenson is credited with the discovery of this issue. |
| Vulnerable: |
Xzabite dyndnsupdate |
| Not Vulnerable: | |
Discussion
Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnerabilities
Multiple remote buffer overflow vulnerabilities affect Xzabite's dyndnsupdate. These issues are due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit these issues to execute arbitrary code with the privileges of a user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Multiple remote buffer overflow vulnerabilities affect Xzabite's dyndnsupdate. These issues are due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit these issues to execute arbitrary code with the privileges of a user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Exploit / POC
Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnerabilities
Solution:
Gentoo Linux has released an advisory dealing with this issue. Gentoo advises that all users should upgrade their packages by executing the following commands with superuser privileges:
emerge --unmerge net-misc/dyndnsupdate
For more information, please see the referenced Gentoo Linux advisory.
Solution:
Gentoo Linux has released an advisory dealing with this issue. Gentoo advises that all users should upgrade their packages by executing the following commands with superuser privileges:
emerge --unmerge net-misc/dyndnsupdate
For more information, please see the referenced Gentoo Linux advisory.
References
Xzabite DYNDNSUpdate Multiple Remote Buffer Overflow Vulnerabilities
References:
References: