CVE-2023-26554

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

Security Bulletin: IBM i is vulnerable to an out-of-bounds write in NTP services due to multiple vulnerabilities.

Summary IBM i is vulnerable to an out-of-bounds write due to a flaw in mstolfp.c in NTP CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, and CVE-2023-26554 as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerabilities as described in t...

Security Bulletin: Vulnerability with NTP 4.2.8p15 affect IBM Cloud Object Storage Systems (March 2025)

Summary Vulnerability with NTP CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554 . This vulnerability has been addressed in the latest ClevOS release Vulnerability Details CVEID:CVE-2023-26552 DESCRIPTION: mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when...

Linux Distros Unpatched Vulnerability : CVE-2023-26554

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, b...

Photon OS 4.0: Ntp PHSA-2023-4.0-0417

An update of the ntp package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0417. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20452...

Siemens SITOP UPS1600 Out-of-bounds Write (CVE-2023-26554)

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

EulerOS Virtualization 2.11.0 : ntp (EulerOS-SA-2023-2765)

According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack...

Amazon Linux 2 : ntp (ALAS-2024-2396)

The version of ntp installed on the remote host is prior to 4.2.8p15-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2396 advisory. 2024-02-15: CVE-2023-26555 was added to this advisory. mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds wri...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2658)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2700)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2591)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : ntp (EulerOS-SA-2023-2591)

According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2565)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : ntp (EulerOS-SA-2023-2363)

According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...

EulerOS 2.0 SP10 : ntp (EulerOS-SA-2023-2389)

According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2363)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2389)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2023-153-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2023-1282 ntp security update

NTP is a protocol designed to synchronize the clocks of computers over a network, NTP version 4, a significant revision of the previous NTP standard, is the current development version. It is formalized by RFCs released by the IETF. Security Fixes: mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has ...

SUSE SLES12 Security Update : ntp (SUSE-SU-2023:2171-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2171-1 advisory. - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to...