Описание
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
Ссылки
- Mailing ListThird Party Advisory
- PatchThird Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- PatchThird Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (исключая)
cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:hp:tru64_unix:4.0f:patch_kit8:*:*:*:*:*:*
cpe:2.3:o:hp:tru64_unix:4.0g:patch_kit4:*:*:*:*:*:*
cpe:2.3:o:hp:tru64_unix:5.1b:patch_kit2:*:*:*:*:*:*
cpe:2.3:o:hp:tru64_unix:5.1b:patch_kit3:*:*:*:*:*:*
cpe:2.3:o:hp:tru64_unix:5.1b:patch_kit4:*:*:*:*:*:*
cpe:2.3:o:hp:tru64_unix:51.1a:patch_kit6:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04544
Низкий
5 Medium
CVSS2
Дефекты
CWE-190
Связанные уязвимости
CVSS3: 7.1
redhat
около 5 лет назад
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
debian
около 21 года назад
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP se ...
github
больше 3 лет назад
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
EPSS
Процентиль: 89%
0.04544
Низкий
5 Medium
CVSS2
Дефекты
CWE-190