Vulnerability Description
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.
CVSS Score
5.5
MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ntp | Ntp | 4.2.8 |
Related Weaknesses (CWE)
References
- http://support.ntp.org/bin/view/Main/NtpBug3382Vendor Advisory
- http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Vendor Advisory
- http://www.securityfocus.com/bid/97076Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038123Third Party AdvisoryVDB Entry
- https://support.apple.com/HT208144
- http://support.ntp.org/bin/view/Main/NtpBug3382Vendor Advisory
- http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Vendor Advisory
- http://www.securityfocus.com/bid/97076Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038123Third Party AdvisoryVDB Entry
- https://support.apple.com/HT208144
FAQ
What is CVE-2017-6459?
CVE-2017-6459 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.
How severe is CVE-2017-6459?
CVE-2017-6459 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6459?
Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp.