← Back

CVE-2017-9454

nvd nist
Published: Aug 18, 2017Modified: May 13, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.

Affected (27)

Resiprocate
1 product
Resiprocate
Configuration A
27 vulnerable
Vulnerable SoftwareAffected Versions
Resiprocate
Resiprocate
Up to 1.10.2
Resiprocate
Version 1.11.0 alpha10
Resiprocate
Version 1.11.0 alpha11
Resiprocate
Version 1.11.0 alpha1
Resiprocate
Version 1.11.0 alpha2
Resiprocate
Version 1.11.0 alpha3
Resiprocate
Version 1.11.0 alpha4
Resiprocate
Version 1.11.0 alpha5
Resiprocate
Version 1.11.0 alpha6
Resiprocate
Version 1.11.0 alpha7
Resiprocate
Version 1.11.0 alpha8
Resiprocate
Version 1.11.0 alpha9
Resiprocate
Version 1.11.0 beta1
Resiprocate
Version 1.11.0 beta2
Resiprocate
Version 1.11.0 beta3
Resiprocate
Version 1.11.0 beta4
Resiprocate
Version 1.11.0 beta5
Resiprocate
Version 1.12.0 alpha1
Resiprocate
Version 1.12.0 beta1
Resiprocate
Version 1.12.0 beta2
Resiprocate
Version 1.12.0 beta3
Resiprocate
Version 1.12.0 beta4
Resiprocate
Version 1.12.0 beta5
Resiprocate
Version 1.12.0 beta6
Resiprocate
Version 1.12.0 beta7
Resiprocate
Version 1.12.0 beta8
Resiprocate
Version 1.12.0 beta9

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (4)

Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.