Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2017-6462

Date: March 27, 2017

Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.

Severity Score

Related Resources (15)

https://access.redhat.com/errata/RHSA-2017:3071
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc
https://nvd.nist.gov/vuln/detail/CVE-2017-6462
http://support.ntp.org/bin/view/Main/NtpBug3388
https://access.redhat.com/errata/RHSA-2018:0855
https://support.apple.com/HT208144
http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
http://www.securityfocus.com/bid/97045
https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6462
https://usn.ubuntu.com/3707-2/
https://access.redhat.com/security/cve/CVE-2017-6462
https://security-tracker.debian.org/tracker/CVE-2017-6462
http://www.securitytracker.com/id/1038123
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
https://www.mend.io/vulnerability-database/CVE-2017-6462

Severity Score

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us