Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records.