Home

CVE-2017-6464

Description

NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.462

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.6 - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.6 Combo Update - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.5 - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.4 - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.4 Combo Update - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.3Mac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.3 Combo UpdateMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.2Mac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.2 Combo UpdateMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.1Mac
Multiple vulnerabilities are fixed in Security Update 2017-001 macOS High Sierra v10.13.1Mac
Multiple vulnerabilities are fixed in Security Update 2017-001 macOS High Sierra v10.13Mac
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update ntp-4.2.6p5-28.el7.x86_64.rpmLinux
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update ntp-doc-4.2.6p5-28.el7.noarch.rpmLinux
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update ntp-perl-4.2.6p5-28.el7.noarch.rpmLinux
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update ntpdate-4.2.6p5-28.el7.x86_64.rpmLinux
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update sntp-4.2.6p5-28.el7.x86_64.rpmLinux
(RHSA-2017:3071) ntp security update ntp-4.2.6p5-12.el6_9.1.i686.rpmLinux
(RHSA-2017:3071) ntp security update ntp-4.2.6p5-12.el6_9.1.x86_64.rpmLinux
(RHSA-2017:3071) ntp security update ntp-doc-4.2.6p5-12.el6_9.1.noarch.rpmLinux
(RHSA-2017:3071) ntp security update ntp-perl-4.2.6p5-12.el6_9.1.i686.rpmLinux
(RHSA-2017:3071) ntp security update ntp-perl-4.2.6p5-12.el6_9.1.x86_64.rpmLinux
(RHSA-2017:3071) ntp security update ntpdate-4.2.6p5-12.el6_9.1.i686.rpmLinux
(RHSA-2017:3071) ntp security update ntpdate-4.2.6p5-12.el6_9.1.x86_64.rpmLinux
Ntp update (ELSA-2018-3854) ntp-4.2.6p5-15.0.1.el6_10.x86_64.rpmLinux
Ntp-perl update (ELSA-2018-3854) ntp-perl-4.2.6p5-15.0.1.el6_10.x86_64.rpmLinux
Ntpdate update (ELSA-2018-3854) ntpdate-4.2.6p5-15.0.1.el6_10.x86_64.rpmLinux
Ntp-doc update (ELSA-2018-3854) ntp-doc-4.2.6p5-15.0.1.el6_10.noarch.rpmLinux
Ntp update (ELSA-2018-3854) ntp-4.2.6p5-15.0.1.el6_10.i686.rpmLinux
Ntp-perl update (ELSA-2018-3854) ntp-perl-4.2.6p5-15.0.1.el6_10.i686.rpmLinux
Ntpdate update (ELSA-2018-3854) ntpdate-4.2.6p5-15.0.1.el6_10.i686.rpmLinux
Improper Input Validation Vulnerability (CVE-2017-6464)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601312Security Update 2017-001 macOS High Sierra v10.13.1
PATCH-601345Security Update 2017-001 macOS High Sierra v10.13

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234