| Max CVSS | 6.4 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-6442 | 4.0 |
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
|
22-01-2019 - 15:39 | 16-01-2019 - 05:29 | |
| CVE-2019-6443 | 6.4 |
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
|
22-01-2019 - 14:44 | 16-01-2019 - 05:29 | |
| CVE-2019-6444 | 6.4 |
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
|
22-01-2019 - 14:44 | 16-01-2019 - 05:29 | |
| CVE-2019-6445 | 4.0 |
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
|
22-01-2019 - 13:35 | 16-01-2019 - 05:29 |