{"id":"MGASA-2018-0371","summary":"Updated ntp packages fix security vulnerability","details":"Updated ntp packages fix security vulnerability:\n\nStack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11\nallows an attacker to achieve code execution or escalate to higher\nprivileges via a long string as the argument for an IPv4 or IPv6\ncommand-line parameter (CVE-2018-12327).\n","modified":"2026-02-01T06:31:44.545389Z","published":"2018-09-13T20:38:07Z","related":["CVE-2018-12327"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0371.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23505"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/437XM4CMBCMPK7D2RSEUZIRLFZD5ZNRD/"}],"affected":[{"package":{"name":"ntp","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/ntp?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.8p12-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0371.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}