Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntpd vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-6445
An issue exists in NTPsec prior to 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
Ntpsec Ntpsec
1 EDB exploit
4
CVSSv2
CVE-2019-6442
An issue exists in NTPsec prior to 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
Ntpsec Ntpsec
1 EDB exploit
4
CVSSv2
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
1 EDB exploit
4
CVSSv2
CVE-2015-7850
ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
4
CVSSv2
CVE-2017-6463
NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
Ntp Ntp 4.3.13
Ntp Ntp 4.3.14
Ntp Ntp 4.3.20
Ntp Ntp 4.3.21
Ntp Ntp 4.3.28
Ntp Ntp 4.3.29
Ntp Ntp 4.3.36
Ntp Ntp 4.3.37
Ntp Ntp 4.3.43
Ntp Ntp 4.3.44
Ntp Ntp 4.3.50
Ntp Ntp 4.3.51
Ntp Ntp 4.3.52
Ntp Ntp 4.3.59
Ntp Ntp 4.3.6
Ntp Ntp 4.3.66
Ntp Ntp 4.3.67
Ntp Ntp 4.3.74
Ntp Ntp 4.3.75
Ntp Ntp 4.3.81
Ntp Ntp 4.3.82
Ntp Ntp 4.3.89
4
CVSSv2
CVE-2017-6464
NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows remote malicious users to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
Ntp Ntp 4.3.1
Ntp Ntp 4.3.10
Ntp Ntp 4.3.17
Ntp Ntp 4.3.18
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.32
Ntp Ntp 4.3.33
Ntp Ntp 4.3.4
Ntp Ntp 4.3.40
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.55
Ntp Ntp 4.3.56
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.71
Ntp Ntp 4.3.78
Ntp Ntp 4.3.79
Ntp Ntp 4.3.85
4
CVSSv2
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.61
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
4
CVSSv2
CVE-2016-1549
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and previous versions and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify...
Ntp Ntp 4.2.8
1 Article
3.5
CVSSv2
CVE-2015-7851
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP prior to 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite ...
Ntp Ntp
Ntp Ntp 4.2.8
3.5
CVSSv2
CVE-2018-7170
ntpd in ntp 4.2.x prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issu...
Ntp Ntp
Ntp Ntp 4.2.8
Synology Diskstation Manager
Synology Router Manager
Synology Skynas
Synology Virtual Diskstation Manager
Synology Vs960hd Firmware
Netapp Hci -
Netapp Solidfire -
Hpe Hpux-ntp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »