K17525: NTP vulnerability CVE-2015-7853

Security Advisory Description The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value. CVE-2015-7853 Impact Running a custom refclock driver in...

SUSE CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-9668

An issue was discovered in rovinbhandari FTP through 2012-03-28. receivefile in filetransferfunctions.c allows remote attackers to cause a denial of service daemon crash via a 0xffff datalen field value...

DEBIAN-CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

CVE-2015-7853

CVE-2015-7853 affects the refclock driver in ntpd (NTP) with the datalen parameter: in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77, a negative datalen value can overflow a data buffer, enabling remote attackers to execute arbitrary code or cause a crash. Concrete details across connected adv...

QQPlayer Integer Overflow Vulnerability

QQPlayer is the latest movie and TV player from Tencent. QQPlayer supports any format of movie and music files as a local player. The QQPlayer program fails to properly handle the datalen field of the strf structure when parsing avi files, triggering a shaping overflow vulnerability when the leng...

NTP Local Buffer Overflow Vulnerability

NTP is a network protocol that synchronizes the clocks of two computers by exchanging packets. An NTP program running a custom refclock driver fails to check for a negative value of the 'datalen' parameter, allowing a local attacker to exploit the vulnerability for denial of service attacks...

UBUNTU-CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...