3 matches found
Information disclosure
An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in fnetllmnrpo...
CVE-2020-17467
An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in fnetllmnrpo...
MGASA-2016-0351 Updated c-ares packages fix security vulnerability
In c-ares before 1.12.0, When a string is passed in to 'arescreatequery' or 'aresmkquery' and uses an escaped trailing dot, like "hello.", c-ares calculates the string length wrong and subsequently writes outside of the the allocated buffer with one byte. The wrongly written byte is the least...