Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NTP 安全漏洞
Vulnerability Description
NTP(Network Time Protocol,网络时间协议)是一款通过网络同步计算机时钟的协议。 NTP 4.2.8p10之前的版本和4.3.94之前的4.3.x版本中的legacy MX4200 refclock的‘mx4200_send’函数中存在安全漏洞,该漏洞源程序没有正确的处理‘snprintf’函数的返回值。本地攻击者可利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A