This host has No-IP DUC installed and is prone to remote code execution vulnerability.

Successful attack could result in remote DNS servers to execute arbitrary code via a crafted DNS response. Impact Level: Application

Upgrade to latest version of No-IP DUC, http://www.no-ip.com/downloads.php

The flaw is due to DNS poisoning in the function GetNextLine which fails to do length check.

No-IP DUC 2.1.7 and prior on Linux

• http://www.openwall.com/lists/oss-security/2008/11/21/15

---

Updated on 2017-03-28