RSS   Vulnerabilities for 'Dynamic update client'   RSS

2008-06-18
 
CVE-2008-2747

CWE-200
 

 
No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the (1) TrayPassword, (2) Username, (3) Password, and (4) Hosts registry values.

 

 >>> Vendor: No-ip 2 Products
Dynamic update client
No-ip2


Copyright 2024, cxsecurity.com

 

Back to Top