9 matches found
OPENSUSE-SU-2019:0082-1 Security update for ntpsec
This update for ntpsec to version 1.1.3 fixes the following issues: Security issues fixed: - CVE-2019-6442: Fixed a out of bounds write via a malformed config request boo1122132 - CVE-2019-6443: Fixed a stack-based buffer over-read in the ctlgetitem function boo1122144 - CVE-2019-6444: Fixed a...
NTPsec ntpd write_variables Denial of Service (CVE-2019-6445; CVE-2019-8936)
A denial-of-service vulnerability has been reported inN TPsec ntpd. The vulnerability is due to insufficient validation of certain data when parsing a variable in order to write. An attacker could exploit this vulnerability by enticing a target user to open a specially crafted link...
openSUSE Security Update : ntpsec (openSUSE-2019-82)
This update for ntpsec to version 1.1.3 fixes the following issues : Security issues fixed : - CVE-2019-6442: Fixed a out of bounds write via a malformed config request boo1122132 - CVE-2019-6443: Fixed a stack-based buffer over-read in the ctlgetitem function boo1122144 - CVE-2019-6444: Fixed a...
Security update for ntpsec (important)
openSUSE Security Update: Security update for ntpsec Announcement ID: openSUSE-SU-2019:0082-1 Rating: important References: 1122131 1122132 1122134 1122144 Cross-References: CVE-2019-6442 CVE-2019-6443 CVE-2019-6444 CVE-2019-6445 Affected Products: openSUSE Leap 15.0 An update that fixes four...
NTPsec 1.1.2 - ntp_control Authenticated NULL Pointer Dereference Exploit
!/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated NULL pointer exception Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-authed-npe Vendor Homepage: https://ntpsec.org...
CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
CVE-2019-6445
Summary: CVE-2019-6445 affects NTPsec prior to 1.1.3. An authenticated attacker can trigger a NULL pointer dereference in ntp_control.c (ctl_getitem), causing ntpd to crash. The issue is confirmed in multiple advisories and vendor/plugin postings tied to the 1.1.3 release. Affected component: ntp...
NTPsec 1.1.2 ntp_control Null Pointer Dereference
!/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated NULL pointer exception Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-authed-npe Vendor Homepage: https://ntpsec.org...
NTPsec 1.1.2 - 'ntp_control' (Authenticated) NULL Pointer Dereference (PoC)
!/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated NULL pointer exception Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-authed-npe Vendor Homepage: https://ntpsec.org...