Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntpd vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2019-6443
An issue exists in NTPsec prior to 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
Ntpsec Ntpsec
1 EDB exploit
6.4
CVSSv2
CVE-2019-6444
An issue exists in NTPsec prior to 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
Ntpsec Ntpsec
1 EDB exploit
6.4
CVSSv2
CVE-2009-3563
ntp_request.c in ntpd in NTP prior to 4.2.4p8, and 4.2.5, allows remote malicious users to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE erro...
Ntp Ntp
Ntp Ntp 4.2.2
Ntp Ntp 4.2.0
Ntp Ntp 4.0.98
Ntp Ntp 4.0.72
Ntp Ntp 4.0.90
Ntp Ntp 4.0.96
Ntp Ntp 4.0.93
Ntp Ntp 4.1.0
Ntp Ntp 4.1.2
Ntp Ntp 4.2.5
Ntp Ntp 4.0.99
Ntp Ntp 4.0.95
Ntp Ntp 4.2.2p3
Ntp Ntp 4.2.2p2
Ntp Ntp 4.0.92
Ntp Ntp 4.0.73
Ntp Ntp 4.0.97
Ntp Ntp 4.0.91
Ntp Ntp 4.2.2p1
Ntp Ntp 4.0.94
5.8
CVSSv2
CVE-2021-22212
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. Thi...
Ntpsec Ntpsec 1.2.0
Fedoraproject Fedora 34
5.8
CVSSv2
CVE-2020-13817
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows remote malicious users to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. T...
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Element Software -
Netapp Hci Management Node -
Netapp Ontap Tools -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Netapp Hci Compute Node Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Opensuse Leap 15.1
Opensuse Leap 15.2
Fujitsu M10-1 Firmware
5.8
CVSSv2
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
Ntp Ntp 4.2.8
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
Netapp Clustered Data Ontap -
Netapp Oncommand Balance -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
5.8
CVSSv2
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
5
CVSSv2
CVE-2021-0227
An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an malicious user to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
5
CVSSv2
CVE-2018-8956
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote malicious users to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or cont...
Ntp Ntp 4.2.8
5
CVSSv2
CVE-2020-11868
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Ntp Ntp 4.2.8
Ntp Ntp
Redhat Enterprise Linux 7.0
Netapp Clustered Data Ontap -
Netapp Virtual Storage Console
Netapp Data Ontap -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp All Flash Fabric-attached Storage A400 Firmware -
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »