6.8

CVE-2009-0159

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NtpNtp Updaterc1 Version <= 4.2.4p7
NtpNtp Version4.0.72
NtpNtp Version4.0.73
NtpNtp Version4.0.90
NtpNtp Version4.0.91
NtpNtp Version4.0.92
NtpNtp Version4.0.93
NtpNtp Version4.0.94
NtpNtp Version4.0.95
NtpNtp Version4.0.96
NtpNtp Version4.0.97
NtpNtp Version4.0.98
NtpNtp Version4.0.99
NtpNtp Version4.1.0
NtpNtp Version4.1.2
NtpNtp Version4.2.0
NtpNtp Version4.2.2
NtpNtp Version4.2.2p1
NtpNtp Version4.2.2p2
NtpNtp Version4.2.2p3
NtpNtp Version4.2.2p4
NtpNtp Version4.2.4
NtpNtp Version4.2.4p0
NtpNtp Version4.2.4p1
NtpNtp Version4.2.4p2
NtpNtp Version4.2.4p3
NtpNtp Version4.2.4p4
NtpNtp Version4.2.4p5
NtpNtp Version4.2.4p6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 13.08% 0.934
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.