Описание
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
5.6 Medium
CVSS3
Дефекты
Связанные уязвимости
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character.
Уязвимость функции mstolfp() (libntp/mstolfp.c) программы мониторинга операций ntpq реализации протокола синхронизации времени NTP, позволяющая нарушителю выполнить произвольный код
EPSS
5.6 Medium
CVSS3