Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-12327

Опубликовано: 20 июн. 2018
Источник: ubuntu
Приоритет: negligible
EPSS Средний
CVSS2: 7.5
CVSS3: 9.8

Описание

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

not-affected

1:4.2.8p12+dfsg-3ubuntu1
eoan

not-affected

1:4.2.8p12+dfsg-3ubuntu2
esm-apps/bionic

released

1:4.2.8p10+dfsg-5ubuntu7.3+esm1
esm-apps/focal

not-affected

1:4.2.8p12+dfsg-3ubuntu3
esm-apps/jammy

not-affected

1:4.2.8p12+dfsg-3ubuntu3
esm-infra-legacy/trusty

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.13+esm1

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%
0.19236
Средний

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-12327

CVSS3: 7
redhat
больше 7 лет назад

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.

nvd логотип

CVE-2018-12327

CVSS3: 9.8
nvd
больше 7 лет назад

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.

debian логотип

CVE-2018-12327

CVSS3: 9.8
debian
больше 7 лет назад

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ...

github логотип

GHSA-gmx7-j3pp-2gxp

CVSS3: 9.8
github
больше 3 лет назад

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.

oracle-oval логотип

ELSA-2019-2077

oracle-oval
больше 6 лет назад

ELSA-2019-2077: ntp security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 95%
0.19236
Средний

7.5 High

CVSS2

9.8 Critical

CVSS3