Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
daniel stenberg c-ares 1.3.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3152
c-ares prior to 1.4.0 uses a predictable seed for the random number generator for the DNS Transaction ID field, which might allow remote malicious users to spoof DNS responses by guessing the field value.
Daniel Stenberg C-ares 1.0
Daniel Stenberg C-ares 1.3.2
Daniel Stenberg C-ares 1.1
Daniel Stenberg C-ares 1.2
Daniel Stenberg C-ares 1.2.1
Daniel Stenberg C-ares 1.3
Daniel Stenberg C-ares 1.3.1
NA
CVE-2007-3153
The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote malicious users to spoof DNS responses by guessing certain values.
Daniel Stenberg C-ares 1.0
Daniel Stenberg C-ares 1.1
Daniel Stenberg C-ares 1.3.2
Daniel Stenberg C-ares 1.2
Daniel Stenberg C-ares 1.2.1
Daniel Stenberg C-ares 1.3
Daniel Stenberg C-ares 1.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started