CVSS: 6.2EPSS: 0%CPEs: 90EXPL: 0CVE-2015-7975 – HPE Security Bulletin HPESBHF03750 1
https://notcve.org/view.php?id=CVE-2015-7975
27 Jan 2016 — The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash). La función nextvar en NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90 no valida correctamente la longitud de su entrada, lo que permite a un atacante provocar una denegación de servicio (caída de la aplicación). Aanchal Malhotra discovered that NTP incorrectly handled authenticated broa... • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 4%CPEs: 108EXPL: 0CVE-2015-7976 – Ubuntu Security Notice USN-3096-1
https://notcve.org/view.php?id=CVE-2015-7976
27 Jan 2016 — The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. El comando savconfig ntpq en NTP 4.1.2, 4.2.x en versiones anteriores a 4.2.8p6, 4.3, 4.3.25, 4.3.70 y 4.3.77 no filtra adecuadamente caracteres especiales, lo que permite a atacantes causar un impacto no especificado a través de un nombre de archivo manipulado. Aanchal Malhotra discovered that ... • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html • CWE-254: 7PK - Security Features •
CVSS: 7.7EPSS: 4%CPEs: 29EXPL: 1CVE-2015-7974 – ntp: missing key check allows impersonation between authenticated peers (VU#357792)
https://notcve.org/view.php?id=CVE-2015-7974
26 Jan 2016 — NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." NTP 4.x en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90 no verifica las asociaciones del par de las claves simétricas cuando autentica paquetes, lo que podría permitir a atacante remotos llevar a cabo ataques de suplantación de identidad a... • http://bugs.ntp.org/show_bug.cgi?id=2936 • CWE-287: Improper Authentication CWE-304: Missing Critical Step in Authentication •
CVSS: 6.4EPSS: 6%CPEs: 90EXPL: 0CVE-2015-8138 – ntp: missing check for zero originate timestamp
https://notcve.org/view.php?id=CVE-2015-8138
25 Jan 2016 — NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90 permite a atacantes remotos eludir la validación de marca horaria de origen a través de un paquete con una marca horaria de origen puesta a cero. It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html • CWE-20: Improper Input Validation CWE-294: Authentication Bypass by Capture-replay •
CVSS: 7.5EPSS: 20%CPEs: 38EXPL: 0CVE-2015-5300 – ntp: MITM attacker can force ntpd to make a step larger than the panic threshold
https://notcve.org/view.php?id=CVE-2015-5300
27 Oct 2015 — The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). La comprobación panic_gate en NTP anterior a versión 4.2.8p5 es solo h... • http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc • CWE-20: Improper Input Validation CWE-361: 7PK - Time and State •
CVSS: 7.5EPSS: 11%CPEs: 25EXPL: 0CVE-2015-5194 – ntp: crash with crafted logconfig configuration command
https://notcve.org/view.php?id=CVE-2015-5194
27 Oct 2015 — The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. La función log_config_command en el archivo ntp_parser.y en ntpd en NTP anterior a versión 4.2.7p42, permite a los atacantes remotos causar una denegación de servicio (bloqueo de ntpd) por medio de comandos logconfig creados. It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig confi... • http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 10%CPEs: 18EXPL: 1CVE-2015-5195 – ntp: ntpd crash when processing config commands with statistics type
https://notcve.org/view.php?id=CVE-2015-5195
27 Oct 2015 — ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. ntp_openssl.m4 en ntpd en NTP anterior a 4.2.7p112, permite a los atacantes remotos causar una denegación de servicio (fallo de segmentación) por medio de un comando de configuración statistics o filegen creadas que no está habilitado durante la compilación. It was found that ntpd would exit ... • https://github.com/theglife214/CVE-2015-5195 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 1%CPEs: 33EXPL: 0CVE-2015-5219 – ntp: infinite loop in sntp processing crafted packet
https://notcve.org/view.php?id=CVE-2015-5219
27 Oct 2015 — The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. La función ULOGTOD en el archivo ntp.d en SNTP en versiones anteriores a la 4.2.7p366 no realiza apropiadamente las conversiones de tipo de un valor de precisión a uno doble, lo que permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de... • http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc • CWE-704: Incorrect Type Conversion or Cast CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 2%CPEs: 45EXPL: 0CVE-2015-7691 – ntp: incomplete checks in ntp_crypto.c
https://notcve.org/view.php?id=CVE-2015-7691
21 Oct 2015 — The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio empleando paquetes manipulados que conte... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 3%CPEs: 45EXPL: 0CVE-2015-7692 – ntp: incomplete checks in ntp_crypto.c
https://notcve.org/view.php?id=CVE-2015-7692
21 Oct 2015 — The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. La función crypto_xmit en ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-9750. It was found t... • http://rhn.redhat.com/errata/RHSA-2016-0780.html • CWE-20: Improper Input Validation •