Ntp

ntp

99 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Ntp

ntp

99 CVEs

CVEs (99)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-6464 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
CVE-2017-6463 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
CVE-2017-6462 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
CVE-2017-6460 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
CVE-2017-6459 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.
CVE-2017-6458 4Apple HpeNtp+1 more 4Hpux Ntp Mac Os XNtp+1 more May 13, 2026 Mar 27, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
CVE-2017-6455 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
CVE-2017-6452 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
CVE-2017-6451 1Ntp 1Ntp May 13, 2026 Mar 27, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code...Show more The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.Show less
CVE-2016-2519 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 5.9 MEDIUM· v3 4.9 MEDIUM· v2 ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.
CVE-2016-2518 7Debian FreebsdNetapp+4 more 17Clustered Data Ontap Communications User Data RepositoryData Ontap+14 more May 13, 2026 Jan 30, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
CVE-2016-2517 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 5.3 MEDIUM· v3 4.9 MEDIUM· v2 NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to...Show more NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.Show less
CVE-2016-2516 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 5.3 MEDIUM· v3 7.1 HIGH· v2 NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
CVE-2015-8158 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
CVE-2015-8140 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 4.8 MEDIUM· v3 5.8 MEDIUM· v2 The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
CVE-2015-8139 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
CVE-2015-8138 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
CVE-2015-7979 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
CVE-2015-7978 1Ntp 1Ntp May 13, 2026 Jan 30, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
CVE-2015-7977 8Canonical DebianFedoraproject+5 more 10Clustered Data Ontap Debian LinuxFedora+7 more May 13, 2026 Jan 30, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

Previous 1 234 5 Next