Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntpd vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-5211
The monlist feature in ntp_request.c in ntpd in NTP prior to 4.2.7p26 allows remote malicious users to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
Opensuse Opensuse 11.4
Ntp Ntp 4.2.7
Ntp Ntp
Oracle Linux 6
Oracle Linux 7
1 EDB exploit
9 Github repositories
5
CVSSv2
CVE-2004-0657
Integer overflow in the NTP daemon (NTPd) prior to 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
Ntp Ntp
Hp Tru64 Unix 4.0f
Hp Tru64 Unix 4.0g
Hp Tru64 Unix 5.1b
Hp Tru64 Unix 51.1a
4.9
CVSSv2
CVE-2016-2517
NTP prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows remote malicious users to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, contr...
Ntp Ntp
Ntp Ntp 4.3.10
Ntp Ntp 4.3.11
Ntp Ntp 4.3.18
Ntp Ntp 4.3.19
Ntp Ntp 4.3.25
Ntp Ntp 4.3.26
Ntp Ntp 4.3.33
Ntp Ntp 4.3.34
Ntp Ntp 4.3.40
Ntp Ntp 4.3.41
Ntp Ntp 4.3.48
Ntp Ntp 4.3.49
Ntp Ntp 4.3.5
Ntp Ntp 4.3.56
Ntp Ntp 4.3.57
Ntp Ntp 4.3.63
Ntp Ntp 4.3.64
Ntp Ntp 4.3.71
Ntp Ntp 4.3.72
Ntp Ntp 4.3.79
Ntp Ntp 4.3.8
4.9
CVSSv2
CVE-2016-2519
ntpd in NTP prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows remote malicious users to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.
Ntp Ntp
Ntp Ntp 4.3.11
Ntp Ntp 4.3.12
Ntp Ntp 4.3.19
Ntp Ntp 4.3.2
Ntp Ntp 4.3.27
Ntp Ntp 4.3.28
Ntp Ntp 4.3.34
Ntp Ntp 4.3.35
Ntp Ntp 4.3.41
Ntp Ntp 4.3.42
Ntp Ntp 4.3.5
Ntp Ntp 4.3.50
Ntp Ntp 4.3.57
Ntp Ntp 4.3.58
Ntp Ntp 4.3.64
Ntp Ntp 4.3.65
Ntp Ntp 4.3.72
Ntp Ntp 4.3.73
Ntp Ntp 4.3.8
Ntp Ntp 4.3.80
Ntp Ntp 4.3.87
4.6
CVSSv2
CVE-2017-6451
The mx4200_send function in the legacy MX4200 refclock in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds...
Ntp Ntp 4.3.0
Ntp Ntp 4.3.15
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.23
Ntp Ntp 4.3.24
Ntp Ntp 4.3.30
Ntp Ntp 4.3.31
Ntp Ntp 4.3.38
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.46
Ntp Ntp 4.3.47
Ntp Ntp 4.3.53
Ntp Ntp 4.3.54
Ntp Ntp 4.3.61
Ntp Ntp 4.3.62
Ntp Ntp 4.3.69
Ntp Ntp 4.3.7
Ntp Ntp 4.3.76
Ntp Ntp 4.3.77
Ntp Ntp 4.3.84
4.6
CVSSv2
CVE-2017-6462
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.10
Ntp Ntp 4.3.17
Ntp Ntp 4.3.18
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.32
Ntp Ntp 4.3.33
Ntp Ntp 4.3.4
Ntp Ntp 4.3.40
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.55
Ntp Ntp 4.3.56
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.78
Ntp Ntp 4.3.79
Ntp Ntp 4.3.85
4.6
CVSSv2
CVE-2005-2496
The xntpd ntp (ntpd) daemon prior to 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
Dave Mills Ntpd
4.3
CVSSv2
CVE-2016-9042
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will f...
Ntp Ntp 4.2.8
Freebsd Freebsd 10.0
Freebsd Freebsd 11.0
Hpe Hpux-ntp
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
4.3
CVSSv2
CVE-2016-4955
ntpd in NTP 4.x prior to 4.2.8p8, when autokey is enabled, allows remote malicious users to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
Ntp Ntp 4.2.8
Ntp Ntp
Oracle Solaris 11.3
Oracle Solaris 10
Novell Suse Manager 2.1
Suse Linux Enterprise Server 11
Suse Openstack Cloud 5
Suse Manager Proxy 2.1
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
4
CVSSv2
CVE-2020-15025
ntpd in ntp 4.2.8 prior to 4.2.8p15 and 4.3.x prior to 4.3.101 allows remote malicious users to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.ke...
Ntp Ntp 4.2.8
Ntp Ntp
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Oracle Zfs Storage Appliance Kit 8.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »