Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.
References
Link | Resource |
---|---|
https://list.resiprocate.org/archive/resiprocate-users/msg02700.html | Vendor Advisory |
https://github.com/resiprocate/resiprocate/commit/d67a9ca6fd06ca65d23e313bdbad1ef4dd3aa0df | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-08-18 07:29
Updated : 2019-12-11 14:14
NVD link : CVE-2017-9454
Mitre link : CVE-2017-9454
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
resiprocate
- resiprocate