CVE-2007-2362
CVE-2007-2362
Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/3807unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/054024.htmlhttp://osvdb.org/35438http://osvdb.org/35439http://secunia.com/advisories/25007http://secunia.com/advisories/28086http://securityreason.com/securityalert/2658https://exchange.xforce.ibmcloud.com/vulnerabilities/33933http://www.debian.org/security/2007/dsa-1434http://www.digit-labs.org/files/exploits/mydns-rr-smash.chttp://www.digit-labs.org/files/patches/mydns-update.c.diffhttp://www.securityfocus.com/bid/23694http://www.vupen.com/english/advisories/2007/1561