CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0CVE-2017-6452
https://notcve.org/view.php?id=CVE-2017-6452
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. Desbordamiento de búfer basado en pila en el instalador de Windows para NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 permite a usuarios locales tener un impacto no especificado a través de una ruta de la aplicación en la línea de comandos. • http://support.ntp.org/bin/view/Main/NtpBug3383 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/bid/97078 http://www.securitytracker.com/id/1038123 http://www.securitytracker.com/id/1039427 https://support.apple.com/HT208144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.0EPSS: 0%CPEs: 95EXPL: 0CVE-2017-6455
https://notcve.org/view.php?id=CVE-2017-6455
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable. NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94, cuando se utiliza PPSAPI, permite a usuarios locales obtener privilegios a través de un DLL en la variable de entorno PPSAPI_DLLS • http://support.ntp.org/bin/view/Main/NtpBug3384 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/bid/97074 http://www.securitytracker.com/id/1038123 http://www.securitytracker.com/id/1039427 https://support.apple.com/HT208144 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 0CVE-2017-6458
https://notcve.org/view.php?id=CVE-2017-6458
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. Múltiples desbordamientos de búfer en las funciones ctl_put * en NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 permiten a usuarios remotos autenticados tener un impacto no especificado a través de una variable larga. • http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html http://seclists.org/fulldisclosure/2017/Nov/7 http://seclists.org/fulldisclosure/2017/Sep/62 http://support.ntp.org/bin/view/Main/NtpBug3379 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded http://www.securityfocus.com/bid/97051 http://www.securitytracker.com/id/1038123 http://www.u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 95EXPL: 0CVE-2017-6459
https://notcve.org/view.php?id=CVE-2017-6459
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. El instalador de Windows para NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 permite a usuarios locales tener un impacto no especificado a través de vectores relacionados con un argumento con múltiples bytes nulos. • http://support.ntp.org/bin/view/Main/NtpBug3382 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/bid/97076 http://www.securitytracker.com/id/1038123 https://support.apple.com/HT208144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 95EXPL: 0CVE-2017-6460
https://notcve.org/view.php?id=CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response. Desbordamiento de búfer basado en pila en la función reslist en ntpq en NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 permite a servidores remotos tener un impacto no especificado a través de una variable flagstr larga en una respuesta de lista de restricciones. • http://support.ntp.org/bin/view/Main/NtpBug3377 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/bid/97052 http://www.securitytracker.com/id/1038123 https://security.paloaltonetworks.com/CVE-2017-6460 https://support.apple.com/HT208144 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •