Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp ntp 4.2.8 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 up to and including 4.2.8p10 allows remote malicious users to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
Ntp Ntp 4.2.8
Freebsd Freebsd 10.4
Freebsd Freebsd 11.1
Freebsd Freebsd 10.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Netapp Element Software -
1 Article
7.5
CVSSv2
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
7.5
CVSSv2
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
7.5
CVSSv2
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
6.5
CVSSv2
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
6.5
CVSSv2
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
6.5
CVSSv2
CVE-2017-6458
Multiple buffer overflows in the ctl_put* functions in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
Ntp Ntp 4.2.8
Ntp Ntp
Hpe Hpux-ntp
Apple Mac Os X
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
6.5
CVSSv2
CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
Ntp Ntp 4.3.13
Ntp Ntp 4.3.14
Ntp Ntp 4.3.11
Ntp Ntp 4.3.12
Ntp Ntp 4.3.19
Ntp Ntp 4.3.2
Ntp Ntp 4.3.26
Ntp Ntp 4.3.20
Ntp Ntp 4.3.21
Ntp Ntp 4.3.29
Ntp Ntp 4.3.3
Ntp Ntp 4.3.36
Ntp Ntp 4.3.37
Ntp Ntp 4.3.43
Ntp Ntp 4.3.44
Ntp Ntp 4.3.51
Ntp Ntp 4.3.52
Ntp Ntp 4.3.59
Ntp Ntp 4.3.6
Ntp Ntp 4.3.66
Ntp Ntp 4.3.67
Ntp Ntp 4.3.74
5.8
CVSSv2
CVE-2020-13817
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows remote malicious users to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. T...
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Element Software -
Netapp Hci Management Node -
Netapp Ontap Tools -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Netapp Hci Compute Node Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Opensuse Leap 15.1
Opensuse Leap 15.2
Fujitsu M10-1 Firmware
5.8
CVSSv2
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
Ntp Ntp 4.2.8
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
Netapp Clustered Data Ontap -
Netapp Oncommand Balance -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »