CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/01/16 12:0 a.m.•32 views

EulerOS 2.0 SP11 : ntp (EulerOS-SA-2023-2658)

According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...

Tenable Nessus•added 2024/01/16 12:0 a.m.•25 views

EulerOS 2.0 SP11 : ntp (EulerOS-SA-2023-2700)

Tenable Nessus•added 2024/01/16 12:0 a.m.•21 views

EulerOS Virtualization 2.9.0 : ntp (EulerOS-SA-2023-2990)

According to the versions of the ntp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack ...

Tenable Nessus•added 2024/01/09 12:0 a.m.•28 views

Amazon Linux 2 : ntp (ALAS-2024-2396)

The version of ntp installed on the remote host is prior to 4.2.8p15-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2396 advisory. 2024-02-15: CVE-2023-26555 was added to this advisory. mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds wri...

6.4CVSS6.5AI score0.00942EPSS

Exploits0References12

Tenable Nessus•added 2023/08/08 12:0 a.m.•26 views

EulerOS 2.0 SP9 : ntp (EulerOS-SA-2023-2621)

According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...

Tenable Nessus•added 2023/05/14 12:0 a.m.•26 views

SUSE SLES12 Security Update : ntp (SUSE-SU-2023:2171-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2171-1 advisory. - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to...

5.6CVSS6.6AI score0.00681EPSS

Exploits0References13

RedhatCVE•added 2023/04/13 1:31 p.m.•52 views

CVE-2023-26554

An out-of-bounds write flaw was found in the ntp package. A remote attacker may trigger this vulnerability by sending malicious data packets to the ntp server. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS5.5AI score0.0035EPSS

Exploits0References4

RedhatCVE•added 2023/04/13 1:31 p.m.•36 views

CVE-2023-26553

5.6CVSS5.5AI score0.00681EPSS

Exploits0References4

Prion•added 2023/04/11 9:15 p.m.•20 views

Out-of-bounds

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.1CVSS5.5AI score0.0035EPSS

Exploits0References2Affected Software1

Prion•added 2023/04/11 9:15 p.m.•19 views

Out-of-bounds

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.1CVSS5.5AI score0.00282EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2023/04/11 9:15 p.m.•109 views

CVE-2023-26552

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS6.8AI score0.00282EPSS

Exploits0References3

Cvelist•added 2023/04/11 12:0 a.m.•16 views

CVE-2023-26553

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

6.3AI score0.00681EPSS

Cvelist•added 2023/04/11 12:0 a.m.•17 views

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

6.3AI score0.0035EPSS

Positive Technologies•added 2023/04/11 12:0 a.m.•1 views

PT-2023-2768 · Ntp +4 · Ntp +4

Name of the Vulnerable Software and Affected Versions: NTP version 4.2.8p15 Description: The issue is related to an out-of-bounds write when copying the trailing number in the mstolfp function in libntp/mstolfp.c. This can be exploited by sending a specially crafted request, potentially allowing ...

6.4CVSS7.5AI score0.00942EPSS

Exploits0References38

Debian CVE•added 2023/04/11 12:0 a.m.•36 views

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS5.8AI score0.0035EPSS

Exploits0

Vulnrichment•added 2023/04/11 12:0 a.m.•5 views

CVE-2023-26553

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.7AI score0.00681EPSS

Vulnrichment•added 2023/04/11 12:0 a.m.•10 views

CVE-2023-26551

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.7AI score0.0035EPSS

Vulnrichment•added 2023/04/11 12:0 a.m.•8 views

CVE-2023-26552

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.7AI score0.00282EPSS

Vulnrichment•added 2023/04/11 12:0 a.m.•9 views

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.4AI score0.0035EPSS