Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-2362Improper Restriction of Operations within the Bounds of a Memory Buffer in Moore Mydns

4 documents4 sources
Severity
9.0CRITICALNVD
EPSS
22.2%
top 4.19%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
DON Moore Mydns
Timeline
PublishedApr 30
Latest updateMay 1

Description

Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDdon_moore/mydns1.1.0

🔴Vulnerability Details

2
GHSA
GHSA-8c5w-487x-q6x4: Multiple buffer overflows in MyDNS 12022-05-01
CVEList
CVE-2007-2362: Multiple buffer overflows in MyDNS 12007-04-30

💥Exploits & PoCs

1
Exploit-DB
MyDNS 1.1.0 - Remote Heap Overflow (PoC)2007-04-27
CVE-2007-2362 — DON Moore Mydns vulnerability | cvebase