CVSS: 4.9EPSS: 0%CPEs: 32EXPL: 0CVE-2020-15025
https://notcve.org/view.php?id=CVE-2020-15025
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. ntpd en ntp versión 4.2.8 versiones anteriores a 4.2.8p15 y versiones 4.3.x anteriores a 4.3.101, permite a atacantes remotos causar una denegación de servicio (consumo de la memoria) mediante el envío de paquetes, porque la memoria no es liberada en situaciones donde se usa una clave CMAC y está asociada con un algoritmo CMAC en el archivo ntp.keys • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html https://bugs.gentoo.org/729458 https://security.gentoo.org/glsa/202007-12 https://security.netapp.com/advisory/ntap-20200702-0002 https://support.ntp.org/bin/view/Main/NtpBug3661 https://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea https://www.oracle.com/security-alerts/cpujan2021.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.4EPSS: 5%CPEs: 79EXPL: 0CVE-2020-13817 – ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS
https://notcve.org/view.php?id=CVE-2020-13817
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance. ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x versiones anteriores a 4.3.100, permite a atacantes remotos causar una denegación de servicio (salida del demonio o cambio de hora del sistema) mediante la predicción de las marcas de tiempo de transmisión para su uso en paquetes falsificados. La víctima debe confiar en fuentes de tiempo IPv4 no autenticadas. Debe haber un atacante fuera de la ruta que pueda consultar el tiempo desde la instancia ntpd de la víctima A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html http://support.ntp.org/bin/view/Main/NtpBug3596 https://bugs.ntp.org/show_bug.cgi?id=3596 https://security.gentoo.org/glsa/202007-12 https://security.netapp.com/advisory/ntap-20200625-0004 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2020-13817 https://bugzilla.redhat.com/show_bug& • CWE-330: Use of Insufficiently Random Values CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 7.5EPSS: 2%CPEs: 54EXPL: 0CVE-2020-11868 – ntp: DoS on client ntpd using server mode packet
https://notcve.org/view.php?id=CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x anteriores a 4.3.100, permite a un atacante fuera de ruta bloquear una sincronización no autenticada por medio de un paquete en modo server con una dirección IP de origen falsificado, porque las transmisiones son reprogramados aun cuando un paquete carece de una marca de tiempo de origen valido. A flaw was found in the Network Time Protocol (NTP), where a security issue exists that allows an off-path attacker to prevent the Network Time Protocol daemon (ntpd) from synchronizing with NTP servers not using authentication. A server mode packet with a spoofed source address sent to the client ntpd causes the next transmission to be rescheduled, even if the packet does not have a valid origin timestamp. If the packet is sent to the client frequently enough, it stops polling the server and is unable to synchronize with it. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html http://support.ntp.org/bin/view/Main/NtpBug3592 https://bugzilla.redhat.com/show_bug.cgi?id=1716665 https://lists.debian.org/debian-lts-announce/2020/05/msg00004.html https://security.gentoo.org/glsa/202007-12 https://security.netapp.com/advisory/ntap-20200424-0002 https://www.oracle.com//security-alerts/cpujul2021.html https://access&# • CWE-346: Origin Validation Error CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 31EXPL: 0CVE-2018-7170
https://notcve.org/view.php?id=CVE-2018-7170
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549. ntpd en ntp, en versiones 4.2.x anteriores a la 4.2.8p7 y versiones 4.3.x anteriores a la 4.3.92, permite que usuarios autenticados que conozcan la clave privada simétrica creen de forma arbitraria muchas asociaciones efímeras para ganar la selección de reloj de ntpd y modifiquen el reloj de una víctima mediante un ataque Sybil. Este problema existe debido a una solución incompleta para CVE-2016-1549. • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html http://support.ntp.org/bin/view/Main/NtpBug3415 http://www.securityfocus.com/archive/1/541824/100/0/threaded http://www.securityfocus.com/bid/103194 https://bugzilla.redhat.com/show_bug.cgi?id=1550214 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc •
CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0CVE-2017-6451
https://notcve.org/view.php?id=CVE-2017-6451
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write. La función mx4200_send en el refclock legado de MX4200 en NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 no maneja correctamente el valor de retorno de la función snprintf, lo que permite a usuarios locales ejecutar código arbitrario a través de vectores no especificados, lo que desencadena una escritura de memoria fuera de límites. • http://support.ntp.org/bin/view/Main/NtpBug3378 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/bid/97058 http://www.securitytracker.com/id/1038123 http://www.securitytracker.com/id/1039427 https://support.apple.com/HT208144 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us • CWE-787: Out-of-bounds Write •