Описание
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:4.2.8p4+dfsg-3ubuntu6 |
| esm-infra-legacy/trusty | not-affected | 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8 |
| esm-infra/xenial | released | 1:4.2.8p4+dfsg-3ubuntu5.3 |
| precise | not-affected | 1:4.2.6.p3+dfsg-1ubuntu3.9 |
| trusty | not-affected | 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8 |
| trusty/esm | not-affected | 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8 |
| upstream | released | 4.2.8p6 |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | not-affected | |
| vivid/ubuntu-core | DNE |
Показывать по
EPSS
2.1 Low
CVSS2
6.2 Medium
CVSS3
Связанные уязвимости
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 doe ...
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
EPSS
2.1 Low
CVSS2
6.2 Medium
CVSS3