CVE-2010-0293

https://notcve.org/view.php?id=CVE-2010-0293

The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets. La funcionalidad "client logging" en chronyd en Chrony anterior a v1.23.1, no restringe la cantidad de memoria empleada para almacenar la información de un cliente, lo que permite a atacantes remotos, provocar una denegación de servicio (consumo de memoria) mediante la suplantación de paquetes (1) NTP o (2) cmdmon. • http://chrony.tuxfamily.org/News.html http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=2f63cf448560fdb96b80d8488aae6a15b802a753 http://secunia.com/advisories/38428 http://secunia.com/advisories/38480 http://www.debian.org/security/2010/dsa-1992 http://www.securityfocus.com/bid/38106 https://bugzilla.redhat.com/show_bug.cgi?id=555367 • CWE-399: Resource Management Errors •