Published: 09/02/2005 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 up to and including 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
angus mackay ez-ipupdate 3.0.11b5
angus mackay ez-ipupdate 3.0.11b8
debian debian linux 3.0
gentoo linux

Ulf Härnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services This problem can only be exploited if ez-ipupdate is running in daemon mode (most likely) with many but not all service types For the stable distribution (woody) this problem has been fixed in vers ...

NVD-CWE-Other http://www.securityfocus.com/bid/11657 http://www.gentoo.org/security/en/glsa/glsa-200411-20.xml http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028590.html http://www.debian.org/security/2004/dsa-592 http://secunia.com/advisories/13167/http://www.mandriva.com/security/advisories?name=MDKSA-2004:129 https://exchange.xforce.ibmcloud.com/vulnerabilities/18032 https://nvd.nist.gov https://www.debian.org/security/./dsa-592

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0980

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect