CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26551
https://notcve.org/view.php?id=CVE-2023-26551
11 Apr 2023 — mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. • https://github.com/spwpun/ntp-4.2.8p15-cves/blob/main/CVE-2023-26551 • CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26552
https://notcve.org/view.php?id=CVE-2023-26552
11 Apr 2023 — mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. • https://github.com/spwpun/ntp-4.2.8p15-cves/blob/main/CVE-2023-26552 • CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26553
https://notcve.org/view.php?id=CVE-2023-26553
11 Apr 2023 — mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. • https://github.com/spwpun/ntp-4.2.8p15-cves/blob/main/CVE-2023-26553 • CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26554
https://notcve.org/view.php?id=CVE-2023-26554
11 Apr 2023 — mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. • https://github.com/spwpun/ntp-4.2.8p15-cves/blob/main/CVE-2023-26554 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26555
https://notcve.org/view.php?id=CVE-2023-26555
11 Apr 2023 — praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. • https://github.com/spwpun/ntp-4.2.8p15-cves/blob/main/CVE-2023-26555 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125036 – drybjed ansible-ntp main.yml amplification
https://notcve.org/view.php?id=CVE-2014-125036
02 Jan 2023 — A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done within the local network. The complexity of an attack is rather high. • https://github.com/drybjed/ansible-ntp/commit/ed4ca2cf012677973c220cdba36b5c60bfa0260b • CWE-406: Insufficient Control of Network Message Volume (Network Amplification) •
CVSS: 4.9EPSS: 2%CPEs: 32EXPL: 0CVE-2020-15025 – Gentoo Linux Security Advisory 202007-12
https://notcve.org/view.php?id=CVE-2020-15025
24 Jun 2020 — ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. ntpd en ntp versión 4.2.8 versiones anteriores a 4.2.8p15 y versiones 4.3.x anteriores a 4.3.101, permite a atacantes remotos causar una denegación de servicio (consumo de la memoria) mediante el envío de paquetes, porque la memoria ... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.4EPSS: 0%CPEs: 79EXPL: 0CVE-2020-13817 – ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS
https://notcve.org/view.php?id=CVE-2020-13817
04 Jun 2020 — ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance. ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x versiones anteriores a 4.3.100, permite a atacantes remotos causar una denegación de servicio ... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html • CWE-330: Use of Insufficiently Random Values CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 5.3EPSS: 1%CPEs: 4EXPL: 0CVE-2018-8956
https://notcve.org/view.php?id=CVE-2018-8956
06 May 2020 — ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker. ntpd en ntp versiones 4.2.8p10, 4.2.8p11, 4.2.8p12 y 4.2.8p13, permiten a atacantes remotos impedir qu... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0CVE-2020-11868 – ntp: DoS on client ntpd using server mode packet
https://notcve.org/view.php?id=CVE-2020-11868
17 Apr 2020 — ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x anteriores a 4.3.100, permite a un atacante fuera de ruta bloquear una sincronización no autenticada por medio de un paquete en modo server con una dirección IP de origen falsifica... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html • CWE-346: Origin Validation Error CWE-400: Uncontrolled Resource Consumption •