Hi friends,
Just wanted to mention that the CVE-2016-5180 problem we fixed back on
September 29th in c-ares 1.12.0 played an important part in root code
execution exploit, and yesterday I blogged some details for those interested:
https://daniel.haxx.se/blog/2016/10/14/a-single-byte-write-opened-a-root-execution-exploit/
-- / daniel.haxx.seReceived on 2016-10-16