Unrated severityNVD Advisory· Published Dec 1, 2008· Updated Jun 16, 2026
CVE-2008-5297
CVE-2008-5297
Description
Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:vitalwerks:no-ip_duc:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:vitalwerks:no-ip_duc:*:*:*:*:*:*:*:*range: <=2.1.7
- cpe:2.3:a:vitalwerks:no-ip_duc:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vitalwerks:no-ip_duc:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:vitalwerks:no-ip_duc:2.1.5:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
13- xenomuta.tuxfamily.org/exploits/noIPwn3r.cnvdExploit
- bugs.debian.org/cgi-bin/bugreport.cginvd
- git.debian.orgnvd
- secunia.com/advisories/32761nvd
- secunia.com/advisories/33138nvd
- secunia.com/advisories/33610nvd
- security.gentoo.org/glsa/glsa-200901-12.xmlnvd
- securityreason.com/securityalert/4672nvd
- www.debian.org/security/2008/dsa-1686nvd
- www.openwall.com/lists/oss-security/2008/11/21/15nvd
- www.securityfocus.com/bid/32344nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46696nvd
- www.exploit-db.com/exploits/7151nvd
News mentions
0No linked articles in our index yet.