Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntpd vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-6445
An issue exists in NTPsec prior to 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
Ntpsec Ntpsec
1 EDB exploit
NA
CVE-2004-0657
Integer overflow in the NTP daemon (NTPd) prior to 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
Ntp Ntp
Hp Tru64 Unix 4.0f
Hp Tru64 Unix 4.0g
Hp Tru64 Unix 5.1b
Hp Tru64 Unix 51.1a
7.5
CVSSv3
CVE-2018-7185
The protocol engine in ntp 4.2.6 prior to 4.2.8p11 allows a remote malicious users to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the ...
Ntp Ntp
Ntp Ntp 4.2.8
Synology Diskstation Manager
Synology Router Manager
Synology Skynas
Synology Virtual Diskstation Manager
Synology Vs960hd Firmware
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Netapp Hci -
Netapp Solidfire -
Hpe Hpux-ntp
Oracle Fujitsu M10-1 Firmware
Oracle Fujitsu M10-4 Firmware
Oracle Fujitsu M10-4s Firmware
Oracle Fujitsu M12-1 Firmware
Oracle Fujitsu M12-2 Firmware
Oracle Fujitsu M12-2s Firmware
7.5
CVSSv3
CVE-2018-7184
ntpd in ntp 4.2.8p4 prior to 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote malicious users to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting ...
Ntp Ntp 4.2.8
Synology Skynas -
Synology Router Manager 1.1
Synology Diskstation Manager 6.1
Synology Diskstation Manager 6.0
Synology Virtual Diskstation Manager -
Synology Diskstation Manager 5.2
Synology Vs960hd Firmware -
Slackware Slackware Linux 14.0
Slackware Slackware Linux 14.1
Slackware Slackware Linux 14.2
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Cloud Backup -
9.1
CVSSv3
CVE-2019-6443
An issue exists in NTPsec prior to 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
Ntpsec Ntpsec
1 EDB exploit
9.1
CVSSv3
CVE-2019-6444
An issue exists in NTPsec prior to 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
Ntpsec Ntpsec
1 EDB exploit
7.8
CVSSv3
CVE-2017-6462
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.10
Ntp Ntp 4.3.17
Ntp Ntp 4.3.18
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.32
Ntp Ntp 4.3.33
Ntp Ntp 4.3.4
Ntp Ntp 4.3.40
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.55
Ntp Ntp 4.3.56
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.78
Ntp Ntp 4.3.79
Ntp Ntp 4.3.85
6.5
CVSSv3
CVE-2017-6463
NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
Ntp Ntp 4.3.13
Ntp Ntp 4.3.14
Ntp Ntp 4.3.20
Ntp Ntp 4.3.21
Ntp Ntp 4.3.28
Ntp Ntp 4.3.29
Ntp Ntp 4.3.36
Ntp Ntp 4.3.37
Ntp Ntp 4.3.43
Ntp Ntp 4.3.44
Ntp Ntp 4.3.50
Ntp Ntp 4.3.51
Ntp Ntp 4.3.52
Ntp Ntp 4.3.59
Ntp Ntp 4.3.6
Ntp Ntp 4.3.66
Ntp Ntp 4.3.67
Ntp Ntp 4.3.74
Ntp Ntp 4.3.75
Ntp Ntp 4.3.81
Ntp Ntp 4.3.82
Ntp Ntp 4.3.89
4.9
CVSSv3
CVE-2020-15025
ntpd in ntp 4.2.8 prior to 4.2.8p15 and 4.3.x prior to 4.3.101 allows remote malicious users to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.ke...
Ntp Ntp 4.2.8
Ntp Ntp
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Oracle Zfs Storage Appliance Kit 8.8
6.5
CVSSv3
CVE-2019-6442
An issue exists in NTPsec prior to 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
Ntpsec Ntpsec
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »