CVE-2016-7434

Опубликовано: 21 нояб. 2016

Источник: redhat

CVSS3: 5.3

CVSS2: 3.5

Описание

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

Отчет

This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6 and 7 as they did not include support for mrulist.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ntp	Not affected
Red Hat Enterprise Linux 6	ntp	Not affected
Red Hat Enterprise Linux 7	ntp	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1397334ntp: read_mru_list() does inadequate incoming packet checks

5.3 Medium

CVSS3

3.5 Low

CVSS2

Связанные уязвимости

CVE-2016-7434

CVSS3: 7.5

ubuntu

около 9 лет назад

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

CVE-2016-7434

CVSS3: 7.5

nvd

около 9 лет назад

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

CVE-2016-7434

CVSS3: 7.5

debian

около 9 лет назад

The read_mru_list function in NTP before 4.2.8p9 allows remote attacke ...

GHSA-qf57-pg9f-mrmv

CVSS3: 7.5

github

больше 3 лет назад

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

openSUSE-SU-2016:3280-1

suse-cvrf

около 9 лет назад

Security update for ntp

5.3 Medium

CVSS3

3.5 Low

CVSS2