Hi friends,

Just wanted to mention that the CVE-2016-5180 problem we fixed back on September 29th in c-ares 1.12.0 played an important part in root code execution exploit, and yesterday I blogged some details for those interested:


https://daniel.haxx.se/blog/2016/10/14/a-single-byte-write-opened-a-root-execution-exploit/

--

 / daniel.haxx.se

Reply via email to