CVE-2017-9454

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-9454
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9454.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-9454
Published
2017-08-18T14:29:00.843Z
Modified
2026-04-11T03:11:36.774898Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Buffer overflow in the aresparsea_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.

References

Affected packages

Git / github.com/resiprocate/resiprocate

Affected ranges

Type
GIT
Repo
https://github.com/resiprocate/resiprocate
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
dd6e415b5abccc6ed78958837e1730ba72733a91
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d39bddd201cfa85dbf958ccc5cd9b416c4112fee
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fbb6ed51110e491581eb9b14b27ae83015db87f8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4f40c4621b0bf9f7badc0fdcb6d91fa095e495bb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7e4e7c86d308a3f24e6d286d7389e32fd573170f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8f55b09e0310e161a9cc95303a27b4d055df3931
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
77c95d7693d173e4924bbdf0c69f72bf389f5e9c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e969e1106af166012cad1d987a9def9fbd50cca6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1eb4ab84a4a8fca53454c2e0422c42d7b2e9e58d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f00b5133e40f5fe5852959e18570f96178f159de
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
39405b8a8f7a8d92fd6a870096d2d40f110a9b06
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0165ebbb2c46fc4bc974280693d79d951acb8ef0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f519be9fe6fedac99b09e8e4be7a00172cc6cce7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
728b2a80a4fbbfd1b61d3ce1209543b1bcebfec8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bbc4c39a1dad73b4f3b114e297596848198f5b13
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ee0785047e2c18ddae06109b14190aa0b1b3ae87
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6e676dfc70c9ec254196f2162c4d0b737a555e74
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bc02d3b5e2cf7fb358df796dbb4045b8a39e60db
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c8569b61772d789f6878524c4860544f4bb14a20
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d79355281ed2a38c27a010900f59f0c8bc14d626
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ebe71e5d12e3e32a7e7b68a66a31cabf196cfd00
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e77e2432192f1d76c0a3599532050cc325e4b041
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
28ce71808444d04aad087dd07bc18714b90ec79e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e1e93f85e0c7befec29e9edc28e53f5fa0486da1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f9a24566a7b7f788392233902a69d2336a331cbf
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
37f3ba0e0b1a871282ffaf1ee927ee9a0ecdb223
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3a3ef70005ca72680ee2c5b0ee83d2ceafcd4a5b
Fixed
d67a9ca6fd06ca65d23e313bdbad1ef4dd3aa0df
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.10.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-alpha9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-beta4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.0-beta5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-alpha1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.0-beta9"
        }
    ]
}

Affected versions

resiprocate-1.*
resiprocate-1.10.0
resiprocate-1.10.0_alpha3
resiprocate-1.10.0_alpha4
resiprocate-1.10.0_beta1
resiprocate-1.10.0_beta2
resiprocate-1.10.1
resiprocate-1.10.2
resiprocate-1.11.0_alpha1
resiprocate-1.11.0_alpha10
resiprocate-1.11.0_alpha11
resiprocate-1.11.0_alpha2
resiprocate-1.11.0_alpha3
resiprocate-1.11.0_alpha4
resiprocate-1.11.0_alpha5
resiprocate-1.11.0_alpha6
resiprocate-1.11.0_alpha7
resiprocate-1.11.0_alpha8
resiprocate-1.11.0_alpha9
resiprocate-1.11.0_beta1
resiprocate-1.11.0_beta2
resiprocate-1.11.0_beta3
resiprocate-1.11.0_beta4
resiprocate-1.11.0_beta5
resiprocate-1.12.0_alpha1
resiprocate-1.12.0_beta1
resiprocate-1.12.0_beta2
resiprocate-1.12.0_beta3
resiprocate-1.12.0_beta4
resiprocate-1.12.0_beta5
resiprocate-1.12.0_beta6
resiprocate-1.12.0_beta7
resiprocate-1.12.0_beta8
resiprocate-1.12.0_beta9

Database specific

vanir_signatures_modified 
"2026-04-11T03:11:36Z"
vanir_signatures 
[
    {
        "id": "CVE-2017-9454-1ea22be8",
        "target": {
            "file": "rutil/dns/ares/ares_parse_a_reply.c"
        },
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "83975094632216789625053670307706002658",
                "163342888634037695417228974811624474963",
                "7880708736320800443043474685626691383",
                "120183715538082298789387575744134177208"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/resiprocate/resiprocate/commit/d67a9ca6fd06ca65d23e313bdbad1ef4dd3aa0df",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2017-9454-788724e7",
        "target": {
            "file": "rutil/dns/ares/ares_parse_a_reply.c",
            "function": "ares_parse_a_reply"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "232307844069714445886525754008819579935",
            "length": 2448.0
        },
        "signature_type": "Function",
        "source": "https://github.com/resiprocate/resiprocate/commit/d67a9ca6fd06ca65d23e313bdbad1ef4dd3aa0df",
        "signature_version": "v1"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9454.json"