The vulnerability of the ctl_getitem method in the ntpd daemon, which is part of the NTP time synchronization protocol, arises from reading data within acceptable buffer limits. This allows a malicious actor to cause a service failure.

The vulnerability of the ctlgetitem method in the ntpd daemon, which implements the NTP synchronization protocol, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures by using specially crafted mode 6 Troj...

CVE-2018-19558

An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and comp/Db/Mysql.php...

Sql injection

An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and comp/Db/Mysql.php...

NTP ntpd denial of service vulnerability (CNVD-2018-04874)

NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. ntpd is an operating system daemon. An information disclosure vulnerability exists in the ctlgetitem method of ntpd in NTP versions 4.2.8p6 through 4.2.8p10. A remote attacker coul...

Apache Httpd < 2.2.32 : Apache HTTP Request Parsing Whitespace Defects

Apache HTTP Server, prior to release 2.4.25 and 2.2.32, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines...

MS KB3119884: Improperly Issued Digital Certificates Could Allow Spoofing

The remote host is missing KB3119884, KB2677070 automatic updater, or the latest disallowed certificate update using KB2813430 manual updater. If KB2677070 has been installed, it has not yet obtained the latest auto-updates. Note that this plugin checks that the updaters have actually updated the...

Dell System Detect installs root certificate and private key (DSDTestProvider)

Overview Dell System Detect installs the DSDTestProvider certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle MiTM, and passive...

DEBIAN-CVE-2014-9295

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to 1 the cryptorecv function when the Autokey Authentication feature is used, 2 the ctlputdata function, and 3 the configure function...

MS KB2982792: Improperly Issued Digital Certificates Could Allow Spoofing

The remote host is missing KB2982792, KB2677070 automatic updater, or the latest disallowed certificate update using KB2813430 manual updater. If KB2677070 is installed, it is missing the latest auto-updates. Note that this plugin checks that the updaters have actually updated the disallowed CTL...

Cisco Unified IP Phone 7960G CTL信任链执行安全绕过漏洞

Bugtraq ID:65705 CVE ID:CVE-2014-0737 Cisco Unified IP Phone是思科的统一IP电话解决方案。 Cisco Unified IP Phone 7960G的CTL验证存在漏洞，允许未验证远程攻击者向IP电话注入CTL文件。由于不充分验证CTL文件，攻击者可向电话机中注入恶意CTL文件爱你，可使电话信任攻击者控制的系统。 0 Cisco Unified IP Phone 7960G 目前没有详细解决方案提供： http://www.cisco.com...

CVE-2014-0737

The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...

Authentication flaw

The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...

Cisco Adaptive Security Appliance Phone Proxy CTL Authentication Vulnerability

A vulnerability in the Phone Proxy function of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to modify the trust of the Certificate Trust List CTL of a remote IP phone. The vulnerability is due to insufficient authentication of the CTL file. An attacker...

Cisco Third-Generation IP Phone CTL Trust Chain Enforcement Vulnerability

A vulnerability in Certificate Trust List CTL authentication of Cisco third-generation IP phones could allow an unauthenticated, remote attacker to inject a crafted CTL file to the IP phone. The vulnerability is due to insufficient authentication of the CTL file. An attacker could exploit this...

Security Advisory 2916652 released, Certificate Trust List updated

Microsoft is updating the Certificate Trust List CTL for all supported releases of Microsoft Windows to remove the trust of a mis-issued third-party digital certificate, which could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. With this action...

UBUNTU-CVE-2013-4270

The netctlpermissions function in net/sysctlnet.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application...

quota: incorrect use of tcp_wrappers

The goodclient function in rquotad rquotasvc.c in Linux DiskQuota aka quota before 3.17 invokes the hostsctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny...

kernel: drm_modeset_ctl signedness issue

Integer signedness error in the drmmodesetctl function in 1 drivers/gpu/drm/drmirq.c in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.38 and 2 sys/dev/pci/drm/drmirq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and...

kernel: drm_modeset_ctl signedness issue

Integer signedness error in the drmmodesetctl function in 1 drivers/gpu/drm/drmirq.c in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.38 and 2 sys/dev/pci/drm/drmirq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and...

CVE-2008-5744

Array index error in the dahdi/tor2.c driver in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check...