50 matches found
SUSE CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
SUSE CVE-2017-6462
Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...
The vulnerability of the Datum Programmable Time Server (DPTS) refclock implementation of the Network Time Sync protocol allows a perpetrator to cause the ntpd daemon to fail by using the created device /dev/datum.
The vulnerability of the Datum Programmable Time Server DPTS’s refclock implementation of the Network Time Protocol NTP is related to the output of operations that exceed the buffer limits in memory. Exploiting this vulnerability could allow a attacker to cause a failure in the ntpd daemon by usi...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2066)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1222)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : ntp (EulerOS-SA-2019-2066)
According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number o...
EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1557)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that ntpd did not check whether a Message Authentication Code MAC was present in a received packet when ntpd was...
OracleVM 3.3 / 3.4 : ntp (OVMSA-2018-0290)
The remote OracleVM system is missing necessary patches to address critical security updates : - add disable monitor to default ntp.conf CVE-2013-5211 - fix buffer overflow in parsing of address in ntpq and ntpdc CVE-2018-12327 - fix CVE-2016-7429 patch to work correctly on multicast client 14229...
F5 Networks BIG-IP : NTP vulnerability (K32262483)
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
The vulnerability of the datal driver’s refclock parameter in the Network Time Protocol NTP allows a perpetrator to execute arbitrary code or cause a service failure.
The vulnerability of the datal driver parameter of the Network Time Protocol refclock protocol is caused by an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code or cause a service failure by using a negative...
Input validation
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...
DEBIAN-CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
CVE-2017-6451
CVE-2017-6451 affects the NTP legacy MX4200 refclock. The mx4200_send function mishandles the return value of snprintf, enabling a local attacker to trigger an out-of-bounds write and potentially execute arbitrary code. Affected: NTP before 4.2.8p10 and 4.3.x before 4.3.94. Mitigation/remediation...
CVE-2017-6462
Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...
UBUNTU-CVE-2017-6462
Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...
CVE-2017-6451
A vulnerability was found in NTP, in the legacy MX4200 refclock implementation. If this refclock was compiled in and used, an attacker may be able to induce stack overflow, leading to a crash or potential code execution. Mitigation Properly monitor your ntpd instances, and auto-restart ntpd witho...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the ntp-refclock package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...