vulnerability
Oracle Linux: CVE-2017-6462: ELSA-2018-0855: ntp security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:N/C:C/I:C/A:C) | Mar 21, 2017 | Oct 26, 2017 | Nov 29, 2024 |
Severity
6
CVSS
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published
Mar 21, 2017
Added
Oct 26, 2017
Modified
Nov 29, 2024
Description
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash.
A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash.
Solution(s)
oracle-linux-upgrade-ntporacle-linux-upgrade-ntpdateoracle-linux-upgrade-ntp-docoracle-linux-upgrade-ntp-perloracle-linux-upgrade-sntp
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.