Intrusion PreventionMeinberg.NTP.Time.Server.Interface.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Meinberg devices.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted HTTP POST request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted HTTP POST request.
Affected Products
Meinberg IMS-LANTIME M3000 Version 6.0 and prior
Meinberg IMS-LANTIME M1000 Version 6.0 and prior
Meinberg IMS-LANTIME M500 Version 6.0 and prior
Meinberg LANTIME M900 Version 6.0 and prior
Meinberg LANTIME M600 Version 6.0 and prior
Meinberg LANTIME M400 Version 6.0 and prior
Meinberg LANTIME M300 Version 6.0 and prior
Meinberg LANTIME M200 Version 6.0 and prior
Meinberg LANTIME M100 Version 6.0 and prior
Meinberg SyncFire 1100 Version 6.0 and prior
Meinberg LCES Version 6.0 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.meinberg.de/download/firmware/lantime/v6/firmware-6.20.004-x86.rel
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
References
40120| ID | 45946 |
| Created | Apr 26, 2018 |
| Updated | Feb 27, 2023 |
| Risk |
|
| CVE ID | CVE-2016-3962 |
| Exploit Prediction Score | 0.18% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Other |