Search criteria
10 vulnerabilities by tuxfamily
CVE-2020-14367 (GCVE-0-2020-14367)
Vulnerability from cvelistv5 – Published: 2020-08-24 14:07 – Updated: 2024-08-04 12:46
VLAI?
Summary
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal.
Severity ?
No CVSS data available.
CWE
- CWE-59 - leads to CWE-22
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:46:33.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2020-7aa962c55e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298"
},
{
"name": "GLSA-202008-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-23"
},
{
"name": "USN-4475-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4475-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrony",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All chrony versions before 3.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it\u0027s opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 leads to CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-09T13:06:31",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2020-7aa962c55e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298"
},
{
"name": "GLSA-202008-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-23"
},
{
"name": "USN-4475-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4475-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-14367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrony",
"version": {
"version_data": [
{
"version_value": "All chrony versions before 3.5.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it\u0027s opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 leads to CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2020-7aa962c55e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298"
},
{
"name": "GLSA-202008-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-23"
},
{
"name": "USN-4475-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4475-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-14367",
"datePublished": "2020-08-24T14:07:19",
"dateReserved": "2020-06-17T00:00:00",
"dateUpdated": "2024-08-04T12:46:33.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1853 (GCVE-0-2015-1853)
Vulnerability from cvelistv5 – Published: 2019-12-09 18:53 – Updated: 2024-08-06 04:54
VLAI?
Summary
chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.
Severity ?
No CVSS data available.
CWE
- Other
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://chrony.tuxfamily.org/News.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "chrony",
"vendor": "chrony",
"versions": [
{
"status": "affected",
"version": "before 1.31.1"
}
]
}
],
"datePublic": "2015-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-09T18:53:22",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.gentoo.org/glsa/201507-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://chrony.tuxfamily.org/News.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1853",
"datePublished": "2019-12-09T18:53:22",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1567 (GCVE-0-2016-1567)
Vulnerability from cvelistv5 – Published: 2016-01-26 19:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:11.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintel.com/reports/TALOS-2016-0071/"
},
{
"name": "FEDORA-2016-6f783d1768",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176559.html"
},
{
"name": "FEDORA-2016-6a0b0ab775",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175969.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintel.com/reports/TALOS-2016-0071/"
},
{
"name": "FEDORA-2016-6f783d1768",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176559.html"
},
{
"name": "FEDORA-2016-6a0b0ab775",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175969.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintel.com/reports/TALOS-2016-0071/",
"refsource": "MISC",
"url": "http://www.talosintel.com/reports/TALOS-2016-0071/"
},
{
"name": "FEDORA-2016-6f783d1768",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176559.html"
},
{
"name": "FEDORA-2016-6a0b0ab775",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175969.html"
},
{
"name": "http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released",
"refsource": "CONFIRM",
"url": "http://chrony.tuxfamily.org/news.html#_20_jan_2016_chrony_2_2_1_and_chrony_1_31_2_released"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1567",
"datePublished": "2016-01-26T19:00:00",
"dateReserved": "2016-01-08T00:00:00",
"dateUpdated": "2024-08-05T23:02:11.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1822 (GCVE-0-2015-1822)
Vulnerability from cvelistv5 – Published: 2015-04-16 14:00 – Updated: 2024-08-06 04:54
VLAI?
Summary
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3222",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201507-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-01"
},
{
"name": "73956",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "chrony before 1.31.1 does not initialize the last \"next\" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-3222",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201507-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-01"
},
{
"name": "73956",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73956"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1822",
"datePublished": "2015-04-16T14:00:00",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1821 (GCVE-0-2015-1821)
Vulnerability from cvelistv5 – Published: 2015-04-16 14:00 – Updated: 2024-08-06 04:54
VLAI?
Summary
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3222",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"name": "73955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201507-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-3222",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"name": "73955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201507-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1821",
"datePublished": "2015-04-16T14:00:00",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4503 (GCVE-0-2012-4503)
Vulnerability from cvelistv5 – Published: 2013-11-05 21:00 – Updated: 2024-09-16 16:14
VLAI?
Summary
cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_accesses function when client logging is disabled, which causes uninitialized data to be included in a reply.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[chrony-announce] 20130808 chrony-1.29 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://permalink.gmane.org/gmane.comp.time.chrony.announce/15"
},
{
"name": "DSA-2760",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2760"
},
{
"name": "[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q3/332"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git%3Ba=commitdiff%3Bh=c6fdeeb6bb0b17dc28c19ae492c4a1c498e54ea3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846392"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_accesses function when client logging is disabled, which causes uninitialized data to be included in a reply."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-05T21:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[chrony-announce] 20130808 chrony-1.29 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://permalink.gmane.org/gmane.comp.time.chrony.announce/15"
},
{
"name": "DSA-2760",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2760"
},
{
"name": "[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q3/332"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git%3Ba=commitdiff%3Bh=c6fdeeb6bb0b17dc28c19ae492c4a1c498e54ea3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846392"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_accesses function when client logging is disabled, which causes uninitialized data to be included in a reply."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[chrony-announce] 20130808 chrony-1.29 released (security)",
"refsource": "MLIST",
"url": "http://permalink.gmane.org/gmane.comp.time.chrony.announce/15"
},
{
"name": "DSA-2760",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2760"
},
{
"name": "[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/332"
},
{
"name": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=commitdiff;h=c6fdeeb6bb0b17dc28c19ae492c4a1c498e54ea3",
"refsource": "CONFIRM",
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=commitdiff;h=c6fdeeb6bb0b17dc28c19ae492c4a1c498e54ea3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=846392",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846392"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4503",
"datePublished": "2013-11-05T21:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-09-16T16:14:03.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4502 (GCVE-0-2012-4502)
Vulnerability from cvelistv5 – Published: 2013-11-05 21:00 – Updated: 2024-09-17 04:24
VLAI?
Summary
Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service (crash) via a crafted (1) REQ_SUBNETS_ACCESSED or (2) REQ_CLIENT_ACCESSES command request to the PKL_CommandLength function or crafted (3) RPY_SUBNETS_ACCESSED, (4) RPY_CLIENT_ACCESSES, (5) RPY_CLIENT_ACCESSES_BY_INDEX, or (6) RPY_MANUAL_LIST command reply to the PKL_ReplyLength function, which triggers an out-of-bounds read or buffer overflow. NOTE: versions 1.27 and 1.28 do not require authentication to exploit.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[chrony-announce] 20130808 chrony-1.29 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://permalink.gmane.org/gmane.comp.time.chrony.announce/15"
},
{
"name": "DSA-2760",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2760"
},
{
"name": "[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q3/332"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git%3Ba=commitdiff%3Bh=7712455d9aa33d0db0945effaa07e900b85987b1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846392"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service (crash) via a crafted (1) REQ_SUBNETS_ACCESSED or (2) REQ_CLIENT_ACCESSES command request to the PKL_CommandLength function or crafted (3) RPY_SUBNETS_ACCESSED, (4) RPY_CLIENT_ACCESSES, (5) RPY_CLIENT_ACCESSES_BY_INDEX, or (6) RPY_MANUAL_LIST command reply to the PKL_ReplyLength function, which triggers an out-of-bounds read or buffer overflow. NOTE: versions 1.27 and 1.28 do not require authentication to exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-05T21:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[chrony-announce] 20130808 chrony-1.29 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://permalink.gmane.org/gmane.comp.time.chrony.announce/15"
},
{
"name": "DSA-2760",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2760"
},
{
"name": "[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q3/332"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git%3Ba=commitdiff%3Bh=7712455d9aa33d0db0945effaa07e900b85987b1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846392"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service (crash) via a crafted (1) REQ_SUBNETS_ACCESSED or (2) REQ_CLIENT_ACCESSES command request to the PKL_CommandLength function or crafted (3) RPY_SUBNETS_ACCESSED, (4) RPY_CLIENT_ACCESSES, (5) RPY_CLIENT_ACCESSES_BY_INDEX, or (6) RPY_MANUAL_LIST command reply to the PKL_ReplyLength function, which triggers an out-of-bounds read or buffer overflow. NOTE: versions 1.27 and 1.28 do not require authentication to exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[chrony-announce] 20130808 chrony-1.29 released (security)",
"refsource": "MLIST",
"url": "http://permalink.gmane.org/gmane.comp.time.chrony.announce/15"
},
{
"name": "DSA-2760",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2760"
},
{
"name": "[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/332"
},
{
"name": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=commitdiff;h=7712455d9aa33d0db0945effaa07e900b85987b1",
"refsource": "CONFIRM",
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=commitdiff;h=7712455d9aa33d0db0945effaa07e900b85987b1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=846392",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=846392"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4502",
"datePublished": "2013-11-05T21:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-09-17T04:24:42.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0292 (GCVE-0-2010-0292)
Vulnerability from cvelistv5 – Published: 2010-02-08 20:00 – Updated: 2024-09-16 22:40
VLAI?
Summary
The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS messages between two daemons, a related issue to CVE-2009-3563.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=7864c7a70ce00369194e734eb2842ecc5f8db531"
},
{
"name": "38480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS messages between two daemons, a related issue to CVE-2009-3563."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-02-08T20:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=7864c7a70ce00369194e734eb2842ecc5f8db531"
},
{
"name": "38480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS messages between two daemons, a related issue to CVE-2009-3563."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1992",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38106"
},
{
"name": "http://chrony.tuxfamily.org/News.html",
"refsource": "CONFIRM",
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38428"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=555367",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=7864c7a70ce00369194e734eb2842ecc5f8db531",
"refsource": "CONFIRM",
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=7864c7a70ce00369194e734eb2842ecc5f8db531"
},
{
"name": "38480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0292",
"datePublished": "2010-02-08T20:00:00Z",
"dateReserved": "2010-01-12T00:00:00Z",
"dateUpdated": "2024-09-16T22:40:55.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0293 (GCVE-0-2010-0293)
Vulnerability from cvelistv5 – Published: 2010-02-08 20:00 – Updated: 2024-09-16 16:48
VLAI?
Summary
The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=2f63cf448560fdb96b80d8488aae6a15b802a753"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "38480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-02-08T20:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=2f63cf448560fdb96b80d8488aae6a15b802a753"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "38480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1992",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38106"
},
{
"name": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=2f63cf448560fdb96b80d8488aae6a15b802a753",
"refsource": "CONFIRM",
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=2f63cf448560fdb96b80d8488aae6a15b802a753"
},
{
"name": "http://chrony.tuxfamily.org/News.html",
"refsource": "CONFIRM",
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38428"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=555367",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "38480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0293",
"datePublished": "2010-02-08T20:00:00Z",
"dateReserved": "2010-01-12T00:00:00Z",
"dateUpdated": "2024-09-16T16:48:21.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0294 (GCVE-0-2010-0294)
Vulnerability from cvelistv5 – Published: 2010-02-08 20:00 – Updated: 2024-09-16 23:40
VLAI?
Summary
chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which allows remote attackers to cause a denial of service (disk consumption) via a large number of invalid packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=0b710499f994823bd938fc6895f097eefb9cc59f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "38480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which allows remote attackers to cause a denial of service (disk consumption) via a large number of invalid packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-02-08T20:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git%3Ba=commit%3Bh=0b710499f994823bd938fc6895f097eefb9cc59f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "38480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which allows remote attackers to cause a denial of service (disk consumption) via a large number of invalid packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1992",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1992"
},
{
"name": "38106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38106"
},
{
"name": "http://chrony.tuxfamily.org/News.html",
"refsource": "CONFIRM",
"url": "http://chrony.tuxfamily.org/News.html"
},
{
"name": "38428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38428"
},
{
"name": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=0b710499f994823bd938fc6895f097eefb9cc59f",
"refsource": "CONFIRM",
"url": "http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=0b710499f994823bd938fc6895f097eefb9cc59f"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=555367",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=555367"
},
{
"name": "38480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0294",
"datePublished": "2010-02-08T20:00:00Z",
"dateReserved": "2010-01-12T00:00:00Z",
"dateUpdated": "2024-09-16T23:40:29.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}