49 matches found
Astra Linux – Vulnerability in NTP
In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...
Astra Linux - уязвимость в ntp
In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability in the while loop of the cpcpdec function. An adversary could potentially attack a client NTPQ process, but they cannot attack the ntpd process...
Multiple NTP vulnerabilities resolved (CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26555)
CVE-2023-26551 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. Base Score: 5.6 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2023-26552 mstolfp in...
EulerOS Virtualization 2.9.0 : ntp (EulerOS-SA-2023-2990)
According to the versions of the ntp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack ...
EulerOS Virtualization 2.11.0 : ntp (EulerOS-SA-2023-2765)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack...
EulerOS Virtualization 2.9.1 : ntp (EulerOS-SA-2023-2964)
According to the versions of the ntp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack ...
EulerOS 2.0 SP11 : ntp (EulerOS-SA-2023-2658)
According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...
Medium: ntp
Issue Overview: mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. CVE-2023-26551 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. CVE-2023-26552 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an...
EulerOS 2.0 SP9 : ntp (EulerOS-SA-2023-2621)
According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...
EulerOS 2.0 SP9 : ntp (EulerOS-SA-2023-2591)
According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...
EulerOS Virtualization 2.10.0 : ntp (EulerOS-SA-2023-2565)
According to the versions of the ntp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack ...
EulerOS 2.0 SP10 : ntp (EulerOS-SA-2023-2363)
According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...
EulerOS 2.0 SP10 : ntp (EulerOS-SA-2023-2389)
According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...
OESA-2023-1282 ntp security update
NTP is a protocol designed to synchronize the clocks of computers over a network, NTP version 4, a significant revision of the previous NTP standard, is the current development version. It is formalized by RFCs released by the IETF. Security Fixes: mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has ...
Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.
The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by...
Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.
The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory during the copying of the final number. Exploiting this vulnerability could allow a remot...
SUSE SLES12 Security Update : ntp (SUSE-SU-2023:2171-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2171-1 advisory. Fixed multiple out of bound writes: CVE-2023-26551 bsc1210386, CVE-2023-26552 bsc1210388, CVE-2023-26553 bsc1210387, CVE-2023-26554...
Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.
The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries within the cpcpdec loop. Exploiting this vulnerability could allow a remote attacker to execute...
Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.
The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory when adding a decimal point. Exploiting this vulnerability could allow a remote attacker ...
SUSE CVE-2023-26552
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...