SB2017032710 - Multiple vulnerabilities in ntp
Published: March 27, 2017 Updated: August 8, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2017-6452)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing an application path on the command line. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Code Injection (CVE-ID: CVE-2017-6455)
The vulnerability allows a local authenticated user to execute arbitrary code.
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
3) Buffer overflow (CVE-ID: CVE-2017-6459)
The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://support.ntp.org/bin/view/Main/NtpBug3383
- http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
- http://www.securityfocus.com/bid/97078
- http://www.securitytracker.com/id/1038123
- http://www.securitytracker.com/id/1039427
- https://support.apple.com/HT208144
- http://support.ntp.org/bin/view/Main/NtpBug3384
- http://www.securityfocus.com/bid/97074
- http://support.ntp.org/bin/view/Main/NtpBug3382
- http://www.securityfocus.com/bid/97076