NTP 4.2.8 Patch 15

CPE Details

NTP 4.2.8 Patch 15
ntp
ntp
4.2.8
2023-11-25
03h34 +00:00
2023-11-25
03h34 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ntp:ntp:4.2.8:p15:*:*:*:*:*:*

Informations

Vendor

ntp

Product

ntp

Version

4.2.8

Update

p15

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-26551 2023-04-11 00h00 +00:00 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp
5.6
Medium
CVE-2023-26552 2023-04-11 00h00 +00:00 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
5.6
Medium
CVE-2023-26553 2023-04-11 00h00 +00:00 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
5.6
Medium
CVE-2023-26554 2023-04-11 00h00 +00:00 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
5.6
Medium
CVE-2023-26555 2023-04-11 00h00 +00:00 praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
6.4
Medium
CVE-2015-7977 2017-01-30 20h00 +00:00 ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
5.9
Medium