RSS   Vulnerabilities for 'LCES'   RSS

2016-07-03
 
CVE-2016-3989

 
 
The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root privileges for writing to unspecified scripts, and consequently obtain sensitive information or modify data, by leveraging access to the nobody account.

 
 
CVE-2016-3988

 
 
Multiple stack-based buffer overflows in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.

 
 
CVE-2016-3962

 
 
Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.

 

 >>> Vendor: Meinberg 14 Products
Lantime m series
Ntp server firmware
Lantime m100
Lantime m200
Lantime m300
Lantime m3000
Lantime m400
Lantime m600
Lantime m900
Ims-lantime m1000
Ims-lantime m3000
Ims-lantime m500
LCES
Syncfire 1100

Copyright 2024, cxsecurity.com

 

Back to Top