No-ip Dynamic Update Client : Security vulnerabilities, CVEs

CVE-2008-2747

No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the (1) TrayPassword, (2) Username, (3) Password, and (4) Hosts registry values.

Max CVSS

2.1

EPSS Score

0.04%

Published

2008-06-18

Updated

2018-10-11

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

No-ip » Dynamic Update Client : Security Vulnerabilities, CVEs,

CVE-2008-2747