Описание
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.3 (исключая)
cpe:2.3:a:ntpsec:ntpsec:*:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12577
Средний
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 9.1
ubuntu
около 7 лет назад
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
CVSS3: 9.1
debian
около 7 лет назад
An issue was discovered in NTPsec before 1.1.3. process_control() in n ...
CVSS3: 9.1
github
больше 3 лет назад
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
EPSS
Процентиль: 94%
0.12577
Средний
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125