Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200503-27] Xzabite dyndnsupdate: Multiple vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Xzabite dyndnsupdate: Multiple vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200503-27
(Xzabite dyndnsupdate: Multiple vulnerabilities)
Toby Dickenson discovered that dyndnsupdate suffers from multiple
A remote attacker, posing as a dyndns.org server, could execute
arbitrary code with the rights of the user running dyndnsupdate.
There is no known workaround at this time.
Currently, there is no released version of dyndnsupdate that
contains a fix for these issues. The original xzabite.org distribution
site is dead, the code contains several other problems and more secure
alternatives exist, such as the net-dns/ddclient package. Therefore,
the dyndnsupdate package has been hard-masked prior to complete removal
from Portage, and current users are advised to unmerge the package:
# emerge --unmerge net-misc/dyndnsupdate
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.