Download
| Alert*
oval:org.secpod.oval:def:111425
c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT. oval:org.secpod.oval:def:111401 c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT. oval:org.secpod.oval:def:1800793 When a string is passed in to ares_create_query or ares_mkquery and uses an escaped trailing dot, like "hello\.", c-ares calculates the string length wrong and subsequently writes outside of the allocated buffer with one byte. The wrongly written byte is the least significant byte of the "dnsclass" ... oval:org.secpod.oval:def:1800384 The c-ares function ares_parse_naptr_reply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. Affected versions: c-ares 1.8.0 to and including 1.12.0 Not affected versio ... oval:org.secpod.oval:def:112612 c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named ares, written by Greg Hudson at MIT. oval:org.secpod.oval:def:1800365 The c-ares function ares_parse_naptr_reply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. Affected versions c-ares 1.8.0 to and including 1.12.0 Not affected version ... oval:org.secpod.oval:def:1600735 The c-ares function `ares_parse_naptr_reply`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way oval:org.secpod.oval:def:1800423 The c-ares function ares_parse_naptr_reply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. Affected versions: c-ares 1.8.0 to and including 1.12.0 Not affected versio ... |