CVE-2016-5180 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	When a string is passed in to ares_create_query or ares_mkquery and uses an escaped trailing dot, like "hello\.", c-ares calculates the string length wrong and subsequently writes outside of the the allocated buffer with one byte. The wrongly written byte is the least significant byte of the 'dnsclass' argument; most commonly 1.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-37	c-ares	1.11.0-1	1.12.0-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
30 Sep 2016	ASA-201609-31	AVG-37	c-ares	High	arbitrary code execution

References
https://c-ares.haxx.se/adv_20160929.html https://c-ares.haxx.se/CVE-2016-5180.patch