Daniel Stenberg: Security Vulnerabilities
c-ares before 1.4.0 uses a predictable seed for the random number generator for the DNS Transaction ID field, which might allow remote attackers to spoof DNS responses by guessing the field value.
CVSS Score: 7.5 | EPSS Score: 0.007 | Published: 2007-06-11
The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote attackers to spoof DNS responses by guessing certain values.
CVSS Score: 5.0 | EPSS Score: 0.003 | Published: 2007-06-11
Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.
CVSS Score: 7.5 | EPSS Score: 0.038 | Published: 2006-03-21
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to either a hostname or path buffer, or (2) contain a "?" separator in the hostname portion, which causes a "/" to be prepended to the resulting string.
CVSS Score: 4.6 | EPSS Score: 0.003 | Published: 2005-12-08
Dispair 0.1 and 0.2 allow remote attackers to execute arbitrary shell commands via certain form fields.
CVSS Score: 10.0 | EPSS Score: 0.116 | Published: 2002-12-31
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
CVSS Score: 10.0 | EPSS Score: 0.1 | Published: 2000-12-19

