CVE-2014-5209
https://notcve.org/view.php?id=CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information. Existe una vulnerabilidad de Divulgación de Información en los mensajes privados (modo 6/7) de NTP versión 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podría permitir a un usuario malicioso obtener información confidencial. • https://exchange.xforce.ibmcloud.com/vulnerabilities/95841 https://support.f5.com/csp/article/K44942017 https://support.f5.com/csp/article/K44942017?utm_source=f5support&%3Butm_medium=RSS • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-11331
https://notcve.org/view.php?id=CVE-2019-11331
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks. Network Time Protocol (NTP), tal y como se especifica en el RFC 5905, utiliza el puerto 123 incluso para los modos en los que no se requiere un número de puerto fijo, lo que facilita a los atacantes remotos la realización de ataques fuera de ruta. • http://www.securityfocus.com/bid/108010 https://support.f5.com/csp/article/K09940637 https://support.f5.com/csp/article/K09940637?utm_source=f5support&%3Butm_medium=RSS https://tools.ietf.org/html/draft-gont-ntp-port-randomization-00 •
CVE-2019-8936
https://notcve.org/view.php?id=CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference. NTP hasta 4.2.8p12 tiene una desreferencia del puntero NULL. • https://github.com/snappyJack/CVE-2019-8936 http://bugs.ntp.org/show_bug.cgi?id=3565 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html http://support.ntp.org/bin/view/Main/SecurityNotice https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP http • CWE-476: NULL Pointer Dereference •
CVE-2018-12327 – ntp 4.2.8p11 - Local Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2018-12327
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source. Desbordamiento de búfer basado en pila en ntpq y ntpdc en NTP 4.2.8p11 permite que un atacante logre la ejecución de código o escale a mayores privilegios mediante una cadena larga en el argumento para un parámetro command-line IPv4 o IPv6. NOTA: no se sabe a ciencia cierta si hay situaciones comunes en las que se emplea ntpq o ntpdc con una línea de comando de un origen no fiable. The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted hostname. • https://www.exploit-db.com/exploits/44909 http://www.securityfocus.com/bid/104517 https://access.redhat.com/errata/RHSA-2018:3853 https://access.redhat.com/errata/RHSA-2018:3854 https://access.redhat.com/errata/RHSA-2019:2077 https://gist.github.com/fakhrizulkifli/9b58ed8e0354e8deee50b0eebd1c011f https://security.gentoo.org/glsa/201903-15 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us https://usn.ubuntu.com/4229-1 https://access.redh • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2018-7183
https://notcve.org/view.php?id=CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. Desbordamiento de búfer en la función decodearr en ntpq en ntp, desde la versión 4.2.8p6 hasta la 4.2.8p10, permite que atacantes remotos ejecuten código arbitrario aprovechando una consulta ntpq y enviando una respuesta con un array manipulado. • http://support.ntp.org/bin/view/Main/NtpBug3414 http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S http://www.securityfocus.com/bid/103351 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc https://security.gentoo.org/glsa/201805-12 https://security.netapp.com/advisory/ntap-20180626-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us https://usn.ubuntu.com/3707-1 https://usn • CWE-787: Out-of-bounds Write •