NVD

Id
83775  
Name
CVE-2017-6451  
Description
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-04-27  
Published
2017-03-27  
Modified Date
2017-03-30  
Seq
2017-6451  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
411641 83775 CVE-2017-5552 http://git.qemu.org/?p=qemu.git;a=commit;h=33243031dad02d161225ba99d782616da133f689  View
411642 83775 CVE-2017-5552 [oss-security] 20170120 CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing  View
411643 83775 CVE-2017-5552 [oss-security] 20170120 Re: CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing  View
411644 83775 CVE-2017-5552 95773  View
411645 83775 CVE-2017-5552 http://git.qemu.org/?p=qemu.git;a=commit;h=33243031dad02d161225ba99d782616da133f689  View
411646 83775 CVE-2017-5552 [oss-security] 20170120 CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing  View
411647 83775 CVE-2017-5552 [oss-security] 20170120 Re: CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing  View
411648 83775 CVE-2017-5552 95773  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
65825 JVNDB-2017-002164 NTP の従来の MX4200 refclock の mx4200_send 関数における任意のコードを実行される脆弱性 NTP の従来の MX4200 refclock の mx4200_send 関数は、snprintf 関数の戻り値を適切に処理しないため、任意のコードを実行される脆弱性が存在します。 CVE-2017-6451 CVE-2017-6451 83775 4.6 7.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002164.html 2017-03-21 2017-03-31 View