CVSSv3: 9.8

CVE-2016-5180

Published: 03/10/2016 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 670
CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in the ares_create_query function in c-ares 1.x prior to 1.12.0 allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.

Vulnerable Products

c-ares project c-ares 1.11.0

c-ares c-ares 1.4.0

c-ares c-ares 1.5.0

c-ares c-ares 1.0.0

c-ares c-ares 1.9.1

c-ares c-ares 1.8.0

c-ares c-ares 1.6.0

c-ares c-ares 1.5.2

c-ares c-ares 1.10.0

c-ares c-ares 1.7.1

c-ares c-ares 1.3.2

c-ares c-ares 1.5.3

c-ares c-ares 1.9.0

c-ares c-ares 1.3.0

c-ares c-ares 1.7.3

c-ares c-ares 1.7.5

c-ares c-ares 1.2.0

c-ares c-ares 1.1.0

c-ares c-ares 1.7.2

c-ares c-ares 1.7.0

c-ares c-ares 1.7.4

c-ares c-ares 1.3.1

c-ares c-ares 1.5.1

c-ares c-ares 1.2.1

debian debian linux 8.0

nodejs node.js

canonical ubuntu linux 16.10

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 12.04

Vendor Advisories

Synopsis: Important: rh-nodejs4-nodejs and rh-nodejs4-http-parser security update. Type/Severity: Security Advisory: Important. Topic: An update for rh-nodejs4-nodejs and rh-nodejs4-http-parser is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security i ...
Debian Bug report logs - #839151 c-ares: CVE-2016-5180: out-of-bounds write in ares_create_query and ares_mkquery. Package: src:c-ares; Maintainer for src:c-ares is Gregor Jasny <gjasny@googlemail.com>; Reported by: Florian Weimer <fw@deneb.enyo.de>; Date: Thu, 29 Sep 2016 14:27:04 UTC; Severity: important; Tags: securit ...
c-ares could be made to crash or run programs if it processed a specially crafted hostname ...
Gzob Qq discovered that the query-building functions in c-ares, an asynchronous DNS request library, would not correctly process crafted query names, resulting in a heap buffer overflow and potentially leading to arbitrary code execution. For the stable distribution (jessie), this problem has been fixed in version 1.10.0-2+deb8u1. For the unstable d ...
A vulnerability was found in c-ares. A hostname with an escaped trailing dot (such as "hello\.") would have its size calculated incorrectly, leading to a single byte written beyond the end of a buffer on the heap. An attacker able to provide such a hostname to an application using c-ares could potentially cause that application to crash ...
When a string is passed in to ares_create_query or ares_mkquery and uses an escaped trailing dot, like "hello\.", c-ares calculates the string length wrong and subsequently writes one byte outside of the allocated buffer. The wrongly written byte is the least significant byte of the 'dnsclass' argument; most commonly 1 ...

Github Repositories

KLEE-fl : Compile Project to Bitcode and Try Fuzzing with KLEE .

klee-fl: KLEE-fl compiles a project's output files to Bitcode, then merges a custom fuzzer into a single Bitcode library that is fed to KLEE for symbolic execution. klee-fl commands: 1. Build klee-fl (TIP: build_kleefl.sh installs the build tools into the /usr/local/bin directory): sh ./build_kleefl.sh 2. Enter the test_code directory: cd test_code/ vim test_fuzzing_entry.c

ReZZan: RET+Fuzzing+Sanitizer. ReZZan is a fast memory error sanitizer for fuzzing C/C++ code. Publication: Efficient Greybox Fuzzing to Detect Memory Errors (in the 37th IEEE/ACM International Conference on Automated Software Engineering [ASE'22]). PDF: arxiv.org/abs/2204.02773. Prerequisites: LLVM >= 12, Clang >= 12. Build: sudo ./install.sh

Repository for the artifact evaluation of the ACSAC 2020 paper "Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing"

Cupid. Please note that this is the artifact evaluation repository of Cupid. If you're looking for the main repository, please click here: github.com/RUB-SysSec/cupid. Installation & Information: Please use the ready-to-go Debian VirtualBox image (download), not only to avoid the time consuming task of installing all dependencies, generating docker images and

fuzzing with libFuzzer, including OpenSSL Heartbleed (CVE-2014-0160)

libfuzzer-workshop: Materials of the "Modern fuzzing of C/C++ Projects" workshop. The first version of the workshop was presented at the ZeroNights'16 security conference. Disclaimer: This workshop was originally developed in 2016. As of today (2021 and beyond), the practical side of the workshop might not work right away, because libFuzzer greatly evolved over

Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.