11 matches found
EUVD-2017-1540
Malware in sbrugna...
RHEL 5 : c-ares (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - c-ares: Single byte out of buffer write CVE-2016-5180 - The c-ares function aresparsenaptrreply, which is...
RHEL 6 : c-ares (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - c-ares: Single byte out of buffer write CVE-2016-5180 - The c-ares function aresparsenaptrreply, which is...
USN-4796-1: Node.js vulnerabilities
Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An attacker could use this vulnerability to execute a machine-in-the-middle- attack. This issue only affected Ubuntu 14.04 ESM and 16.04 ESM. CVE-2016-7099 It...
The vulnerability of the ares_parse_naptr_reply function in the asynchronous DNS request library c-ares allows a attacker to perform reading beyond the buffer limit in memory.
The vulnerability of the aresparsenaptrreply function in the asynchronous DNS request library c-ares is related to incorrect data processing during the analysis of NAPTR responses. Exploiting this vulnerability can allow a malicious actor, operating remotely, to trigger buffer overflow attacks by...
Ubuntu 14.04 LTS / 16.04 LTS : c-ares vulnerability (USN-3395-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3395-1 advisory. It was discovered that c-ares incorrectly handled certain NAPTR responses. A remote attacker could possibly use this issue to cause applications using...
Ubuntu: Security Advisory (USN-3395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3395-1 c-ares vulnerability
It was discovered that c-ares incorrectly handled certain NAPTR responses. A remote attacker could possibly use this issue to cause applications using c-ares to crash, resulting in a denial of service...
Amazon Linux AMI : c-ares (ALAS-2017-859)
The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. CVE-2017-1000381 C Tenable Network Security, Inc. The descriptive text and...
MGASA-2017-0215 Updated c-ares packages fix security vulnerability
The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way CVE-2017-1000381...
CVE-2017-1000381
The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way...