CVSS: 8.1EPSS: 37%CPEs: 1EXPL: 1CVE-2014-9294 – ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys
https://notcve.org/view.php?id=CVE-2014-9294
20 Dec 2014 — util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. util/ntp-keygen.c en ntp-keygen en NTP anterior a 4.2.7p230 emplea una semilla RNG débil, esto hace que sea más fácil romper los mecanismos de cifrado atacantes remotos mediante un ataque de fuerza bruta. It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to ... • http://advisories.mageia.org/MGASA-2014-0541.html • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 1CVE-2014-9296 – ntp: receive() missing return on error
https://notcve.org/view.php?id=CVE-2014-9296
20 Dec 2014 — The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets. La función de recepción en ntp_proto.c en ntpd en NTP anterior a 4.2.8 continúa ejecutando después de detectar un cierto error de autenticación, lo que podría permitir a un atacante remoto a provocar una asociación involuntaria mediante paquetes modificados. A missing return sta... • http://advisories.mageia.org/MGASA-2014-0541.html • CWE-17: DEPRECATED: Code CWE-390: Detection of Error Condition Without Action •
CVSS: 8.8EPSS: 92%CPEs: 31EXPL: 17CVE-2013-5211 – NTP ntpd monlist Query Reflection - Denial of Service
https://notcve.org/view.php?id=CVE-2013-5211
02 Jan 2014 — The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. La característica monlist en ntp_request.c en ntpd en NTP antes 4.2.7p26 permite a atacantes remotos provocar una denegación de servicio (amplificación de tráfico) a través de solicitudes (1) REQ_MON_GETLIST o (2) solicitudes REQ_MON_GETLIST_1, como han sido... • https://packetstorm.news/files/id/180965 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 65%CPEs: 21EXPL: 1CVE-2009-3563 – ntpd: DoS with mode 7 packets (VU#568372)
https://notcve.org/view.php?id=CVE-2009-3563
09 Dec 2009 — ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. ntp_request.c en ntpd en NTP anterior v4.2.4p8, y v4.2.5, permite a atacantes remotos causar una denegación de servicio (consumo de CPU y ancho de banda) por uso de MODE_PRIVATE para enviar una suplantac... • https://packetstorm.news/files/id/180496 •
CVSS: 9.8EPSS: 56%CPEs: 78EXPL: 0CVE-2009-1252 – ntp: remote arbitrary code execution vulnerability if autokeys is enabled
https://notcve.org/view.php?id=CVE-2009-1252
19 May 2009 — Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field. Desbordamiento de búfer basado en pila en la función crypto_recv en ntp_crypto.c en ntpd en NTP anteriores a v4.2.4p7 y v4.2.5 anterior a v4.2.5p74, cuando OpenSSL y autokey están activados, permite a atacantes remotos ejecutar código de forma... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 13%CPEs: 29EXPL: 0CVE-2009-0159 – ntp: buffer overflow in ntpq
https://notcve.org/view.php?id=CVE-2009-0159
14 Apr 2009 — Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response. Desbordamiento de búfer basado en pila en la función cookedprint en ntpq/ntpq.c en ntpq en NTP versiones anteriores a v4.2.4p7-RC2 permite a servidores NTP remotos ejecutar código de su elección a través de respuestas manipuladas. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 0CVE-2009-0021 – ntp incorrectly checks for malformed signatures
https://notcve.org/view.php?id=CVE-2009-0021
07 Jan 2009 — NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. NTP versiones 4.2.4 anteriores a 4.2.4p5 y versiones 4.2.5 anteriores a 4.2.5p150, no comprueba apropiadamente el valor devuelto de la función EVP_VerifyFinal de OpenSSL, que permite a los atacantes r... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 3%CPEs: 7EXPL: 0CVE-2004-0657
https://notcve.org/view.php?id=CVE-2004-0657
13 Jul 2004 — Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. • http://marc.info/?l=bugtraq&m=108922292425219&w=2 • CWE-190: Integer Overflow or Wraparound •