Download
| Alert*
oval:org.secpod.oval:def:703386
libc-ares2 is installed oval:org.secpod.oval:def:708447 c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:95021 c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703383 c-ares: library for asynchronous name resolves c-ares could be made to crash or run programs if it processed a specially crafted hostname. oval:org.secpod.oval:def:51683 c-ares: library for asynchronous name resolves c-ares could be made to crash or run programs if it processed a specially crafted hostname. oval:org.secpod.oval:def:708241 c-ares: library for asynchronous name resolution Several security issues were fixed in c-ares. oval:org.secpod.oval:def:93354 Two vunerabilities were discovered in c-ares, an asynchronous name resolver library: CVE-2023-31130 ares_inet_net_pton is found to be vulnerable to a buffer underflow for certain ipv6 addresses, in particular '0::00:00:00/2' was found to cause an issue. c-ares only uses this function internally for ... oval:org.secpod.oval:def:610639 Two vunerabilities were discovered in c-ares, an asynchronous name resolver library: CVE-2023-31130 ares_inet_net_pton is found to be vulnerable to a buffer underflow for certain ipv6 addresses, in particular '0::00:00:00/2' was found to cause an issue. c-ares only uses this function internally for ... oval:org.secpod.oval:def:706099 c-ares: library for asynchronous name resolution c-ares could be made to return wrong domains. oval:org.secpod.oval:def:74577 Philipp Jeitner and Haya Shulman discovered a flaw in libc-ares2, a library that performs DNS requests and name resolution asynchronously. Missing input validation of hostnames returned by DNS servers can lead to output of wrong hostnames . oval:org.secpod.oval:def:98747 c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:51877 c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703769 c-ares: library for asynchronous name resolution c-ares could be made to crash if it received specially crafted network traffic. |