CVE-2023-26553

Опубликовано: 11 апр. 2023

Источник: ubuntu

Приоритет: negligible

CVSS3: 5.6

Описание

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	DNE
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/xenial	needs-triage
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
kinetic	DNE

Показывать по

Ссылки на источники

5.6 Medium

CVSS3

Связанные уязвимости

CVE-2023-26553

CVSS3: 5.6

redhat

почти 3 года назад

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

CVE-2023-26553

CVSS3: 5.6

nvd

почти 3 года назад

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

CVE-2023-26553

CVSS3: 5.6

debian

почти 3 года назад

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...

GHSA-3j84-rjwj-29h2

CVSS3: 5.6

github

почти 3 года назад

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number.

BDU:2023-02658

CVSS3: 5.6

fstec

почти 3 года назад

Уязвимость функции mstolfp() (libntp/mstolfp.c) программы мониторинга операций ntpq реализации протокола синхронизации времени NTP, позволяющая нарушителю выполнить произвольный код

5.6 Medium

CVSS3

CVE-2023-26553

Описание

Пакет ntp

Ссылки на источники

Связанные уязвимости