Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chrony project chrony vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-0021
Chrony prior to 1.29.1 has traffic amplification in cmdmon protocol
Chrony Project Chrony
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 19
Fedoraproject Fedora 20
5
CVSSv2
CVE-2010-0293
The client logging functionality in chronyd in Chrony prior to 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote malicious users to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
Tuxfamily Chrony 1.19
Tuxfamily Chrony 1.20
Tuxfamily Chrony
Tuxfamily Chrony 1.19.99.3
Tuxfamily Chrony 1.19-1
Tuxfamily Chrony 1.19.99.2
Tuxfamily Chrony 1.21-pre1
Tuxfamily Chrony 1.18
Tuxfamily Chrony 1.24-pre1
Tuxfamily Chrony 1.19.99.1
Tuxfamily Chrony 1.21
5
CVSSv2
CVE-2010-0294
chronyd in Chrony prior to 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which allows remote malicious users to cause a denial of service (disk consumption) via a large number of invalid packets.
Tuxfamily Chrony 1.19
Tuxfamily Chrony 1.20
Tuxfamily Chrony
Tuxfamily Chrony 1.19.99.3
Tuxfamily Chrony 1.19-1
Tuxfamily Chrony 1.19.99.2
Tuxfamily Chrony 1.21-pre1
Tuxfamily Chrony 1.18
Tuxfamily Chrony 1.24-pre1
Tuxfamily Chrony 1.19.99.1
Tuxfamily Chrony 1.21
5
CVSSv2
CVE-2010-0292
The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony prior to 1.23.1, and 1.24-pre1, allows remote malicious users to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS mes...
Tuxfamily Chrony 1.19
Tuxfamily Chrony 1.20
Tuxfamily Chrony
Tuxfamily Chrony 1.19.99.3
Tuxfamily Chrony 1.19-1
Tuxfamily Chrony 1.19.99.2
Tuxfamily Chrony 1.21-pre1
Tuxfamily Chrony 1.18
Tuxfamily Chrony 1.24-pre1
Tuxfamily Chrony 1.19.99.1
Tuxfamily Chrony 1.21
6.4
CVSSv2
CVE-2009-3563
ntp_request.c in ntpd in NTP prior to 4.2.4p8, and 4.2.5, allows remote malicious users to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE erro...
Ntp Ntp
Ntp Ntp 4.2.2
Ntp Ntp 4.2.0
Ntp Ntp 4.0.98
Ntp Ntp 4.0.72
Ntp Ntp 4.0.90
Ntp Ntp 4.0.96
Ntp Ntp 4.0.93
Ntp Ntp 4.1.0
Ntp Ntp 4.1.2
Ntp Ntp 4.2.5
Ntp Ntp 4.0.99
Ntp Ntp 4.0.95
Ntp Ntp 4.2.2p3
Ntp Ntp 4.2.2p2
Ntp Ntp 4.0.92
Ntp Ntp 4.0.73
Ntp Ntp 4.0.97
Ntp Ntp 4.0.91
Ntp Ntp 4.2.2p1
Ntp Ntp 4.0.94
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started