Page 9 of 49 results (0.020 seconds)

CVSS: 8.8EPSS: 1%CPEs: 24EXPL: 0

Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file. Un desbordamiento de búfer en la funcionalidad de gestión de contraseñas en NTP 4.2.x en versiones anteriores a la 4.2.8p4, y 4.3.x en versiones anteriores a la 4.3.77 permite que usuarios remotos autenticados provoquen una denegación de servicio o la posibilidad de ejecutar código arbitrario empleando un archivo de claves manipulado. • http://support.ntp.org/bin/view/Main/NtpBug2921 http://www.securityfocus.com/bid/77277 http://www.securitytracker.com/id/1033951 https://bugzilla.redhat.com/show_bug.cgi?id=1274263 https://security.gentoo.org/glsa/201607-15 https://security.netapp.com/advisory/ntap-20171004-0001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 1%CPEs: 45EXPL: 0

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio empleando paquetes manipulados que contengan operaciones de autoclave específicas. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-9750. It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. • http://rhn.redhat.com/errata/RHSA-2016-0780.html http://rhn.redhat.com/errata/RHSA-2016-2583.html http://support.ntp.org/bin/view/Main/NtpBug2899 http://www.debian.org/security/2015/dsa-3388 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bid/77274 http://www.securitytracker.com/id/1033951 https://bugzilla.redhat.com/show_bug.cgi?id=1274254 https://security.gentoo.org/glsa/201607-15 https://security.netapp.com • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 35%CPEs: 45EXPL: 0

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command. Las directivas "pidfile" o "driftfile" en NTP ntpd versión 4.2.x anterior a 4.2.8p4, y versión 4.3.x anterior a 4.3.77, cuando ntpd está configurado para permitir la configuración remota, permite a los atacantes remotos con una dirección IP que puede enviar peticiones de configuración y con el conocimiento de la contraseña de configuración remota, escribir en archivos arbitrarios mediante el comando :config. It was found that NTP's :config command could be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process (immediately) or the current estimated drift of the system clock (in hourly intervals). • http://rhn.redhat.com/errata/RHSA-2016-0780.html http://rhn.redhat.com/errata/RHSA-2016-2583.html http://support.ntp.org/bin/view/Main/NtpBug2902 http://www.debian.org/security/2015/dsa-3388 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bid/77278 http://www.securitytracker.com/id/1033951 https://bugzilla.redhat.com/show_bug.cgi?id=1254547 https://security.gentoo.org/glsa/201607-15 https://security.netapp.com • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path •

CVSS: 6.5EPSS: 1%CPEs: 45EXPL: 0

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-9750. It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. • http://rhn.redhat.com/errata/RHSA-2016-0780.html http://rhn.redhat.com/errata/RHSA-2016-2583.html http://support.ntp.org/bin/view/Main/NtpBug2899 http://www.debian.org/security/2015/dsa-3388 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bid/77286 http://www.securitytracker.com/id/1033951 https://security.gentoo.org/glsa/201607-15 https://security.netapp.com/advisory/ntap-20171004-0001 https://access.redhat.com& • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 3%CPEs: 45EXPL: 0

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-9750. It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. • http://rhn.redhat.com/errata/RHSA-2016-0780.html http://rhn.redhat.com/errata/RHSA-2016-2583.html http://support.ntp.org/bin/view/Main/NtpBug2899 http://www.debian.org/security/2015/dsa-3388 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bid/77285 http://www.securitytracker.com/id/1033951 https://bugzilla.redhat.com/show_bug.cgi?id=1274254 https://security.gentoo.org/glsa/201607-15 https://security.netapp.com • CWE-20: Improper Input Validation •