c-ares: Buffer Underwrite in ares_inet_net_pton()

A vulnerability was found in c-ares. This issue occurs in the aresinetnetpton function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which woul...

RHEL 9 : c-ares (RHSA-2023:6635)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6635 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. The following packages have been...

Squid DoS Vulnerability (GHSA-wgvf-q977-9xjg, SQUID-2024:3)

Squid is prone to a denial of service DoS vulnerability in ESI processing. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2951)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2932)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202310-09 : c-ares: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-09 c-ares: Multiple Vulnerabilities - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64...

Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2023-007 (ALASECS-2023-007)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.0.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-007 advisory. Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1,...

Debian dla-3585 : exempi - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3585 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3585-1 [email protected]...

[SECURITY] [DLA 3585-1] exempi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3585-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 25, 2023 https://wiki.debian.org/LTS -...

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-344)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-344 advisory. Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2718)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM / 18.04 ESM : c-ares vulnerabilities (USN-6164-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6164-2 advisory. USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

Oracle Linux 7 : openssl (ELSA-2016-3556)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3556 advisory. - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding...

Oracle Linux 5 : python (ELSA-2011-0027)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0027 advisory. - Resolves: CVE-2010-1634 CVE-2010-2089 - Related: CVE-2008-5983 - Rework rgbimgmodule fix for CVE-2008-3143 - Resolves: rhbz644425 CVE-2009-4134...

Oracle Linux 6 : openssl (ELSA-2016-3558)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3558 advisory. - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2676)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2634)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : nodejs:18 (RLSA-2023:4035)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4035 advisory. - A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrar...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2575)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...