[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.6] c-ares: NAPTR parser out of bounds access (CVE-2017-1000381)

ID: oval:org.secpod.oval:def:1800423Date: (C)2018-03-28   (M)2024-04-17
Class: PATCHFamily: unix




The c-ares function ares_parse_naptr_reply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. Affected versions: c-ares 1.8.0 to and including 1.12.0 Not affected versions: c-ares

Platform:
Alpine Linux 3.6
Product:
c-ares
Reference:
7526
CVE-2017-1000381
CVE    1
CVE-2017-1000381
CPE    7
cpe:/a:c-ares_project:c-ares:1.10.0
cpe:/a:c-ares_project:c-ares:1.9.1
cpe:/a:c-ares_project:c-ares:1.11.0
cpe:/a:c-ares_project:c-ares:1.9.0
...

© SecPod Technologies