Lucene search
K

44 matches found

UbuntuCve
UbuntuCve
added 2023/04/11 9:15 p.m.38 views

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS6.8AI score0.00645EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/04/11 9:15 p.m.128 views

CVE-2023-26551

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS6.8AI score0.0067EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/04/11 12:0 a.m.20 views

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

6.3AI score0.00645EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/11 12:0 a.m.2 views

NTP 缓冲区错误漏洞

NTP is a network time protocol from nwtime open source. A security vulnerability exists in NTP version 4.2.8p15, which stems from an out-of-bounds write when adding a decimal point to mstolfp in libntp/mstolfp.c. The vulnerability is caused by the use of an out-of-bounds write when adding a decim...

5.6CVSS6.7AI score0.00645EPSS
Exploits0References5
CVE
CVE
added 2023/04/11 12:0 a.m.123 views

CVE-2023-26553

CVE-2023-26553 corresponds to an out-of-bounds write in mstolfp.c of libntp (NTP 4.2.8p15). Affected software copies the trailing number in a faulty way, enabling an attacker to potentially compromise a client ntpq process; ntpd is not affected per the sources. Connected documents corroborate the...

5.6CVSS5.8AI score0.00703EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/04/11 12:0 a.m.124 views

CVE-2023-26552

CVE-2023-26552 affects NTP 4.2.8p15 where mstolfp.c can trigger an out-of-bounds write when adding a decimal point. The advisory notes that an attacker could potentially target a client ntpq process but cannot compromise ntpd. Several connected sources (IBM IBM i/security bulletins and Brocade/AS...

5.6CVSS5.8AI score0.00645EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/04/11 12:0 a.m.37 views

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS5.8AI score0.00645EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.4 views

PT-2023-2769 · Ntp +4 · Ntp +4

Name of the Vulnerable Software and Affected Versions: NTP versions 4.2.8p15 Description: The issue is related to an out-of-bounds write in the mstolfp function in libntp/mstolfp.c when adding a '0' character. This can be exploited by a remote attacker to potentially execute arbitrary code by...

6.4CVSS7.4AI score0.00703EPSS
Exploits0References38
F5 Networks
F5 Networks
added 2023/02/21 6:20 p.m.29 views

K43205719: NTP input validation vulnerability CVE-2016-1550

Security Advisory Description An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key. CVE-2016-1550...

5.3CVSS6.7AI score0.03634EPSS
Exploits1Affected Software23
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.2 views

SUSE CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS9AI score0.03634EPSS
Exploits1References11
Veracode
Veracode
added 2019/05/02 5:34 a.m.31 views

Information Disclosure

ntp is vulnerable to information disclosure. The vulnerability exists as the message digest key is retrievable from the flaw of the message authentication functionality of libntp...

5.3CVSS6.1AI score0.03634EPSS
Exploits1References35Affected Software1
seebug.org
seebug.org
added 2017/10/26 12:0 a.m.53 views

Network Time Protocol libntp Message Digest Disclosure Vulnerability(CVE-2016-1550)

SUMMARY An exploitable vulnerability exists in the message authentication functionality of Network Time Protocol libntp. An attacker can send a series of crafted messages to attempt to recover the message digest key. TESTED VERSIONS ntp 4.2.8p4 NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92...

5CVSS7AI score0.03634EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/02/15 12:0 a.m.48 views

F5 Networks BIG-IP : NTP input validation vulnerability (K43205719)

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key. CVE-2016-1550 C Tenable Network Security,...

5.3CVSS6.6AI score0.03634EPSS
Exploits1References2
Prion
Prion
added 2017/01/06 9:59 p.m.21 views

Design/Logic Flaw

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5CVSS6.9AI score0.03634EPSS
Exploits1References34Affected Software1
OSV
OSV
added 2017/01/06 9:59 p.m.5 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS6.2AI score
Exploits0References34
NVD
NVD
added 2017/01/06 9:59 p.m.16 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS6.3AI score0.03634EPSS
Exploits1References34
OSV
OSV
added 2017/01/06 9:59 p.m.4 views

DEBIAN-CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS7.1AI score0.03634EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/01/06 9:0 p.m.29 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

6.4AI score0.03634EPSS
Exploits1References34
CVE
CVE
added 2017/01/06 9:0 p.m.154 views

CVE-2016-1550

CVE-2016-1550 exists in the message authentication of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. The root cause is a non-constant-time memory comparison when validating the authentication digest on incoming packets, which can enable a timing attack. An attacker sen...

5.3CVSS6.3AI score0.03634EPSS
Exploits1References34Affected Software1
Debian CVE
Debian CVE
added 2017/01/06 9:0 p.m.31 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS6.7AI score0.03634EPSS
Exploits1
Rows per page
Query Builder