Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by...

Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory when adding a decimal point. Exploiting this vulnerability could allow a remote attacker ...

SUSE CVE-2023-26552

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

SUSE CVE-2023-26553

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

DEBIAN-CVE-2023-26552

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

DEBIAN-CVE-2023-26551

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

PT-2023-2768 · Ntp +4 · Ntp +4

Name of the Vulnerable Software and Affected Versions: NTP version 4.2.8p15 Description: The issue is related to an out-of-bounds write when copying the trailing number in the mstolfp function in libntp/mstolfp.c. This can be exploited by sending a specially crafted request, potentially allowing ...

PT-2023-2552 · Ntp +5 · Ntp +5

Name of the Vulnerable Software and Affected Versions: NTP versions 4.2.8p15 Description: The issue is related to an out-of-bounds write in the mstolfp function when adding a decimal point. This can be exploited by an adversary to potentially execute arbitrary code by sending a specially crafted...

PT-2023-2537 · Ntp +5 · Ntp +5

Name of the Vulnerable Software and Affected Versions: NTP version 4.2.8p15 Description: The issue is related to an out-of-bounds write in the mstolfp function in libntp/mstolfp.c. This can be exploited by sending a specially-crafted request to cause a denial of service. The vulnerability may all...