Описание
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.3 (исключая)
cpe:2.3:a:ntpsec:ntpsec:*:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.30797
Средний
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 9.1
ubuntu
около 7 лет назад
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
CVSS3: 9.1
debian
около 7 лет назад
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ct ...
CVSS3: 9.1
github
больше 3 лет назад
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
EPSS
Процентиль: 97%
0.30797
Средний
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125