vendor:
DUC NO-IP
by:
Charalambous Glafkos, George Nicolaou
4
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: DUC NO-IP
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:vitalwerks:duc
Platforms Tested: Windows
2008
DUC NO-IP Local Password Information Disclosure
The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks.
Mitigation:
Apply the latest security patches from the vendor.