Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
daniel stenberg c-ares 1.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-3152
c-ares prior to 1.4.0 uses a predictable seed for the random number generator for the DNS Transaction ID field, which might allow remote malicious users to spoof DNS responses by guessing the field value.
Daniel Stenberg C-ares 1.0
Daniel Stenberg C-ares 1.3.2
Daniel Stenberg C-ares 1.1
Daniel Stenberg C-ares 1.2
Daniel Stenberg C-ares 1.2.1
Daniel Stenberg C-ares 1.3
Daniel Stenberg C-ares 1.3.1
5
CVSSv2
CVE-2007-3153
The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote malicious users to spoof DNS responses by guessing certain values.
Daniel Stenberg C-ares 1.0
Daniel Stenberg C-ares 1.1
Daniel Stenberg C-ares 1.3.2
Daniel Stenberg C-ares 1.2
Daniel Stenberg C-ares 1.2.1
Daniel Stenberg C-ares 1.3
Daniel Stenberg C-ares 1.3.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started