c-ares is an asynchronous resolver... CVE-2023-32067

- AV AC AU C I A
发布: 2023-05-25
修订: 2023-10-31

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.

0%
暂无可用Exp或PoC
当前有5条受影响产品信息