Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 up to and including 4.2.8p10 allows remote malicious users to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ntp ntp 4.2.8 |
||
freebsd freebsd 10.4 |
||
freebsd freebsd 11.1 |
||
freebsd freebsd 10.3 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 18.04 |
||
netapp element software - |
Oh, and there are 21 other vulns to patch Juniper pours a shot of its data centre juice into campus networks
It's time for Juniper Networks' semi-regular bugfest, with 22 fixes announced today, two of which carry a “critical” rating and should be applied immediately. The company's software defined networking-supported NFX Series CPE, if running Junos OS version 18.1, had an insecure default setting in the Juniper Device Manager: CVE-2018-0044 allowed SSH access with an empty password. If you can't upgrade to version 18.1R4 or 18.2R1 or later, double-check that all accounts have strong passwords. Th...