[Secure-testing-commits] r50227 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Mar 31 14:56:14 UTC 2017
Author: jmm
Date: 2017-03-31 14:56:13 +0000 (Fri, 31 Mar 2017)
New Revision: 50227
Modified:
data/CVE/list
Log:
more ntp updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-31 14:50:12 UTC (rev 50226)
+++ data/CVE/list 2017-03-31 14:56:13 UTC (rev 50227)
@@ -2434,14 +2434,17 @@
CVE-2017-6465 (Remote Code Execution was discovered in FTPShell Client 6.53. By ...)
NOT-FOR-US: FTPShell Client
CVE-2017-6464 (NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to ...)
- - ntp 1:4.2.8p10+dfsg-1
+ - ntp 1:4.2.8p10+dfsg-1 (low)
+ [jessie] - ntp <no-dsa> (Minor issue)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3389
+ NOTE: https://cure53.de/pentest-report_ntp.pdf
CVE-2017-6463 (NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote ...)
- ntp 1:4.2.8p10+dfsg-1
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3387
CVE-2017-6462 (Buffer overflow in the legacy Datum Programmable Time Server (DPTS) ...)
- ntp 1:4.2.8p10+dfsg-1 (unimportant)
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3388
+ NOTE: https://cure53.de/pentest-report_ntp.pdf
NOTE: Obscure legacy feature, no real impact
CVE-2017-6461
REJECTED
More information about the Secure-testing-commits
mailing list