spwpun/ntp-4.2.8p15-cves

spwpun/ntp-4.2.8p15-cves

Releases0

Stars12

5 cves of ntp 4.2.8p15 founded by me.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-26551 ↗	Apr 11, 2023Tuesday, 11 April 2023, 21:15	5.6 MEDIUM	—
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
CVE-2023-26552 ↗	Apr 11, 2023Tuesday, 11 April 2023, 21:15	5.6 MEDIUM	—
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
CVE-2023-26553 ↗	Apr 11, 2023Tuesday, 11 April 2023, 21:15	5.6 MEDIUM	—
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
CVE-2023-26554 ↗	Apr 11, 2023Tuesday, 11 April 2023, 21:15	5.6 MEDIUM	—
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
CVE-2023-26555 ↗	Apr 11, 2023Tuesday, 11 April 2023, 21:15	6.4 MEDIUM	—
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.