CVE-2017-6459
https://notcve.org/view.php?id=CVE-2017-6459
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. El instalador de Windows para NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 permite a usuarios locales tener un impacto no especificado a través de vectores relacionados con un argumento con múltiples bytes nulos. • http://support.ntp.org/bin/view/Main/NtpBug3382 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/bid/97076 http://www.securitytracker.com/id/1038123 https://support.apple.com/HT208144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7429 – ntp: Attack on interface selection
https://notcve.org/view.php?id=CVE-2016-7429
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use. NTP en versiones anteriores a 4.2.8p9 cambia la estructura de los pares a la interfaz que recibe la respuesta de una fuente, lo que permite a atacantes remotos provocar una denegación de servicio (prevenir la comunicación con una fuente) enviando una respuesta para una fuente a una interfaz que la fuente no utiliza. A flaw was found in the way ntpd running on a host with multiple network interfaces handled certain server responses. A remote attacker could use this flaw which would cause ntpd to not synchronize with the source. • http://nwtime.org/ntp428p9_release http://rhn.redhat.com/errata/RHSA-2017-0252.html http://support.ntp.org/bin/view/Main/NtpBug3072 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/94453 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr • CWE-18: DEPRECATED: Source Code •
CVE-2016-7433 – ntp: Broken initial sync calculations regression
https://notcve.org/view.php?id=CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion." NTP en versiones anteriores a 4.2.8p9 no realiza adecuadamente los cálculos de sincronización inicial, lo que permite a atacantes remotos un impacto no especificado a través de vectores desconocidos, relacionado con una "distancia de raíz que no incluía la dispersión de pares". A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html http://nwtime.org/ntp428p9_release http://rhn.redhat.com/errata/RHSA-2017-0252.html http://support.ntp.org/bin/view/Main/NtpBug3067 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/archive/1/539955/100/0/threaded • CWE-682: Incorrect Calculation •
CVE-2016-9311 – ntp: Null pointer dereference when trap service is enabled
https://notcve.org/view.php?id=CVE-2016-9311
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet. ntpd en NTP en versiones anteriores a 4.2.8p9, cuando el servicio de captura está habilitado, permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída) a través de un paquete manipulado. A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service. • http://nwtime.org/ntp428p9_release http://rhn.redhat.com/errata/RHSA-2017-0252.html http://support.ntp.org/bin/view/Main/NtpBug3119 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94444 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA- • CWE-476: NULL Pointer Dereference •
CVE-2016-9312
https://notcve.org/view.php?id=CVE-2016-9312
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet. ntpd en NTP en versiones anteriores a 4.2.8p9, cuando se ejecuta en Windows, permite a atacantes remotos provocar una denegación de servicio a través de un paquete UDP grande. • http://nwtime.org/ntp428p9_release http://support.ntp.org/bin/view/Main/NtpBug3110 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94450 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://www.kb.cert.org/vuls/id/633847 • CWE-399: Resource Management Errors •