← Back

CVE-2017-6458

nvd nist
Published: Mar 27, 2017Modified: May 13, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.

Affected (28)

Products: Ntp: Ntp · Hpe: Hpux Ntp · Apple: Mac Os X · +1 more
Show all products
Ntp: Ntp · Hpe: Hpux Ntp · Apple: Mac Os X · Siemens: Simatic Net Cp 443 1 Opc Ua Firmware
Ntp
1 product
Ntp
Hpe
1 product
Hpux Ntp
Apple
1 product
Mac Os X
Siemens
1 product
Simatic Net Cp 443 1 Opc Ua Firmware
Configuration A
25 vulnerable
Vulnerable SoftwareAffected Versions
Ntp
Ntp
Before 4.2.8
Ntp
From 4.3.0 to 4.3.94
Ntp
Version 4.2.8
Ntp
Version 4.2.8 p1-beta1
Ntp
Version 4.2.8 p1-beta2
Ntp
Version 4.2.8 p1-beta3
Ntp
Version 4.2.8 p1-beta4
Ntp
Version 4.2.8 p1-beta5
Ntp
Version 4.2.8 p1-rc1
Ntp
Version 4.2.8 p1-rc2
Ntp
Version 4.2.8 p1
Ntp
Version 4.2.8 p2-rc1
Ntp
Version 4.2.8 p2-rc2
Ntp
Version 4.2.8 p2-rc3
Ntp
Version 4.2.8 p2
Ntp
Version 4.2.8 p3-rc1
Ntp
Version 4.2.8 p3-rc2
Ntp
Version 4.2.8 p3-rc3
Ntp
Version 4.2.8 p3
Ntp
Version 4.2.8 p4
Ntp
Version 4.2.8 p5
Ntp
Version 4.2.8 p6
Ntp
Version 4.2.8 p7
Ntp
Version 4.2.8 p8
Ntp
Version 4.2.8 p9
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Hpux Ntp
Before c.4.2.8.4.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Mac Os X
From 10.8.0 to 10.13
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Net Cp 443 1 Opc Ua Firmware
All versions
Running on/withPlatform Versions
Siemens
Simatic Net Cp 443 1 Opc Ua
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (40)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.