CVSS: 5.3EPSS: 0%CPEs: 77EXPL: 0CVE-2014-5209
https://notcve.org/view.php?id=CVE-2014-5209
08 Jan 2020 — An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information. Existe una vulnerabilidad de Divulgación de Información en los mensajes privados (modo 6/7) de NTP versión 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podría permitir a un usuario malicioso obtener información confidencial. • https://exchange.xforce.ibmcloud.com/vulnerabilities/95841 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 2%CPEs: 1EXPL: 0CVE-2019-11331
https://notcve.org/view.php?id=CVE-2019-11331
18 Apr 2019 — Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks. Network Time Protocol (NTP), tal y como se especifica en el RFC 5905, utiliza el puerto 123 incluso para los modos en los que no se requiere un número de puerto fijo, lo que facilita a los atacantes remotos la realización de ataques fuera de ruta. • http://www.securityfocus.com/bid/108010 •
CVSS: 7.5EPSS: 8%CPEs: 35EXPL: 2CVE-2019-8936 – Ubuntu Security Notice USN-4563-2
https://notcve.org/view.php?id=CVE-2019-8936
08 Mar 2019 — NTP through 4.2.8p12 has a NULL Pointer Dereference. NTP hasta 4.2.8p12 tiene una desreferencia del puntero NULL. A crafted malicious authenticated mode 6 packet from a permitted network address can trigger a NULL pointer dereference. Note for this attack to work, the sending system must be on an address from which the target ntpd(8) accepts mode 6 packets, and must use a private key that is specifically listed as being used for mode 6 authorization. The ntpd daemon can crash due to the NULL pointer derefer... • https://github.com/snappyJack/CVE-2019-8936 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 17%CPEs: 1EXPL: 3CVE-2018-12327 – ntp 4.2.8p11 - Local Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2018-12327
20 Jun 2018 — Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source. Desbordamiento de búfer basado en pila en ntpq y ntpdc en NTP 4.2.8p11 permite que un atacante logre la ejecución de código o escale a mayores privil... • https://packetstorm.news/files/id/148271 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 10%CPEs: 14EXPL: 0CVE-2018-7183 – Ubuntu Security Notice USN-3707-2
https://notcve.org/view.php?id=CVE-2018-7183
08 Mar 2018 — Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. Desbordamiento de búfer en la función decodearr en ntpq en ntp, desde la versión 4.2.8p6 hasta la 4.2.8p10, permite que atacantes remotos ejecuten código arbitrario aprovechando una consulta ntpq y enviando una respuesta con un array manipulado. Yihan Lian discovered that NTP incorrectly handled certain ma... • http://support.ntp.org/bin/view/Main/NtpBug3414 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 1%CPEs: 31EXPL: 0CVE-2018-7170 – Slackware Security Advisory - ntp Updates
https://notcve.org/view.php?id=CVE-2018-7170
01 Mar 2018 — ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549. ntpd en ntp, en versiones 4.2.x anteriores a la 4.2.8p7 y versiones 4.3.x anteriores a la 4.3.92, permite que usuarios autenticados que conozcan la clave privada simétrica creen de for... • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html •
CVSS: 7.5EPSS: 8%CPEs: 8EXPL: 2CVE-2018-7182 – ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
https://notcve.org/view.php?id=CVE-2018-7182
01 Mar 2018 — The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. el método ctl_getitem en ntpd en ntp, en versiones 4.2.8p6 anteriores a la 4.2.8p11 permite que atacantes remotos provoquen una denegación de servicio (lectura fuera de límites) mediante un paquete mode 6 manipulado con una instancia ntpd desde la versión 4.2.8p6 hasta la 4.2.8p10. Yihan Lian di... • https://packetstorm.news/files/id/150341 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 6%CPEs: 23EXPL: 0CVE-2018-7184 – Ubuntu Security Notice USN-3707-1
https://notcve.org/view.php?id=CVE-2018-7184
01 Mar 2018 — ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704. ntpd en ntp, en versiones 4.2.8p4 anteriores a la 4.2.8p11, envía paquetes malos antes de actualizar la marca de tiempo "received"... • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html •
CVSS: 7.5EPSS: 15%CPEs: 63EXPL: 0CVE-2018-7185 – Ubuntu Security Notice USN-3707-2
https://notcve.org/view.php?id=CVE-2018-7185
01 Mar 2018 — The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. El motor de protocolo en ntp, en versiones 4.2.6 anteriores a la 4.2.8p11, permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío continuado de un paquete con una marc... • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html •
CVSS: 5.9EPSS: 1%CPEs: 6EXPL: 1CVE-2016-9042 – Apple Security Advisory 2017-10-31-8
https://notcve.org/view.php?id=CVE-2016-9042
12 Apr 2017 — An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition. Existe una vulnerabilidad explotable de denegación de servicio (DoS) en la funcionalidad de comprobación de marca de ... • http://packetstormsecurity.com/files/142101/FreeBSD-Security-Advisory-FreeBSD-SA-17-03.ntp.html • CWE-20: Improper Input Validation •